Vulnerability Details CVE-2023-37237
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.3%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-37237
-
cpe:2.3:h:veritas:netbackup_appliance:-
-
cpe:2.3:h:veritas:netbackup_appliance:3.2
-
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1
-
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2
-
cpe:2.3:h:veritas:netbackup_appliance:4.0
-
cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1
-
cpe:2.3:h:veritas:netbackup_appliance:4.1
-
cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1