CVE-2018-18652

A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.

Published: Oct 26, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-18652
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
veritas / netbackup_appliance	-	3.1.2

http://www.securityfocus.com/bid/105737
https://www.veritas.com/content/support/en_US/security/VTS18-003.html

Vulnerability Database

289,599

CVE-2018-18652