Insecure Permissions Allow Admin to Bypass Shell Restrictions in Veritas NetBackup Appliance

CVE-2023-37237 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.

Learn more about our Web Application Penetration Testing UK.