First published: Tue May 09 2017(Updated: )
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Veritas NetBackup | <=8.0 | |
Veritas NetBackup Appliance | <=3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-8856 has been classified as a critical vulnerability due to the potential for unauthenticated remote command execution.
To fix CVE-2017-8856, it is recommended to upgrade to Veritas NetBackup version 8.1 or later and NetBackup Appliance version 3.1 or later.
CVE-2017-8856 affects Veritas NetBackup versions 8.0 and earlier, as well as NetBackup Appliance versions 3.0 and earlier.
The impact of CVE-2017-8856 is that it allows arbitrary remote command execution, compromising the security of affected systems.
No, CVE-2017-8856 can be exploited without authentication, making it particularly dangerous.