Arbitrary Command Execution Vulnerability in Veritas NetBackup Administrative Assistant Interface

Arbitrary Command Execution Vulnerability in Veritas NetBackup Administrative Assistant Interface

CVE-2004-1389 · MEDIUM Severity

AV:L/AC:H/AU:S/C:C/I:C/A:C

Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.

Learn more about our Cis Benchmark Audit For Server Software.