Vulnerability Details CVE-2023-37237
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 39.8%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-37237
-
cpe:2.3:h:veritas:netbackup_appliance:-
-
cpe:2.3:h:veritas:netbackup_appliance:3.2
-
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1
-
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2
-
cpe:2.3:h:veritas:netbackup_appliance:4.0
-
cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1
-
cpe:2.3:h:veritas:netbackup_appliance:4.1
-
cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1