CVE-2018-18652

A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
veritasnetbackup_appliance
𝑥
< 3.1.2
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105737
https://www.veritas.com/content/support/en_US/security/VTS18-003.html
http://www.securityfocus.com/bid/105737
https://www.veritas.com/content/support/en_US/security/VTS18-003.html