CVE-2023-28758

An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files.

Published: Mar 23, 2023
Updated: Apr 14, 2023
CVE: CVE-2023-28758
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
veritas / netbackup	-	8.3.0.2

https://www.veritas.com/content/support/en_US/security/VTS23-003

Vulnerability Database

289,697

CVE-2023-28758