Veritas NetBackup Privilege escalation (VTS24-012)

Nessus Plugin ID 210588 (severity: high)

Synopsis

The remote host is missing a security update.

Description

The version of Veritas NetBackup installed on the remote host is 9.1.0.1, 10.0, 10.0.0.1, 10.1, 10.1.1, 10.2, 10.2.0.1, 10.3, or 10.3.0.1. It is, therefore, affected by a vulnerability as referenced in the VTS24-012 advisory.

- The attack requires the attacker to have write access to the root drive where NetBackup is installed, which lets them plant a malicious DLL. If a user then runs specific NetBackup commands, or an attacker uses social engineering to induce the user to run them, the malicious DLL can be loaded and the attacker's code executes in that user's security context.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Because the fix for 10.3.01 and 10.4.01 is a hotfix that does not change that version number, a version check cannot tell a host with the hotfix from one without it; the plugin therefore only runs when paranoid mode is enabled.
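The two checks a practitioner would actually want here are the version triage the plugin performs (with the hotfix caveat made explicit) and a look at whether the precondition in the description, write access to the root drive for ordinary users, holds on the host. The following is an added example written for this page; it is not Tenable's plugin code and not Veritas tooling. It assumes that Veritas's two spellings of a maintenance release (10.3.0.1 and 10.3.01) denote the same release, as the advisory's solution text reads, and the icacls listing it parses is a constructed sample in the format that `icacls C:\` prints, not output captured from a real host.

```python
"""Offline triage for VTS24-012: version check plus root-drive ACL check.

Added example, not Tenable's plugin code and not Veritas tooling. The icacls
listing below is a constructed sample in the format `icacls C:\` prints; on a
real host run that command and feed its output to writable_by_low_priv().
"""
import re

# Versions the plugin description lists as affected.
AFFECTED = {"9.1.0.1", "10.0", "10.0.0.1", "10.1", "10.1.1",
            "10.2", "10.2.0.1", "10.3", "10.3.0.1"}


def normalize(version: str) -> tuple:
    """Map a NetBackup version string to a 4-tuple.

    Veritas writes maintenance releases both as '10.3.0.1' and as '10.3.01';
    this treats the two spellings as the same release (an assumption, but it
    is how the advisory's solution text reads). Missing trailing fields are 0.
    """
    parts = []
    for field in version.strip().split("."):
        if len(field) == 2 and field[0] == "0":   # '01' -> 0, 1
            parts.extend([0, int(field[1])])
        else:
            parts.append(int(field))
    return tuple(parts + [0] * (4 - len(parts)))[:4]


AFFECTED_NORMALIZED = {normalize(v) for v in AFFECTED}
# Releases the solution keeps in place but requires a hotfix for.
HOTFIX_RELEASES = {normalize("10.3.01"), normalize("10.4.01")}


def assess_version(version: str) -> str:
    """'affected', 'hotfix-check' or 'not-listed' for a self-reported version."""
    v = normalize(version)
    if v in HOTFIX_RELEASES:
        # The hotfix does not change the product version string, so a
        # version-only check cannot tell a patched host from an unpatched
        # one. Verify the hotfix on the host instead.
        return "hotfix-check"
    if v in AFFECTED_NORMALIZED:
        return "affected"
    return "not-listed"


# One ACE line as icacls prints it: optional path, principal, then (FLAG)(FLAG)...
ACE_RE = re.compile(
    r"^\s*(?:[A-Za-z]:\\\S*\s+)?(?P<principal>[^:(]+):(?P<flags>(?:\([^)]*\))+)\s*$")
INHERIT_FLAGS = {"OI", "CI", "IO", "NP", "I"}
# Rights that let a principal create or replace files: full, modify, write,
# write-data (create file), append-data (create subdirectory), write-attributes.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "WA"}
LOW_PRIV = {"Everyone", "BUILTIN\\Users", "NT AUTHORITY\\Authenticated Users",
            "NT AUTHORITY\\INTERACTIVE"}


def parse_icacls(text: str) -> list:
    """Return (principal, rights, inheritance flags) tuples from icacls output."""
    aces = []
    for line in text.splitlines():
        m = ACE_RE.match(line)
        if not m:
            continue                      # blank line, summary line, etc.
        groups = [g for paren in re.findall(r"\(([^)]*)\)", m["flags"])
                  for g in paren.split(",")]
        inheritance = {g for g in groups if g in INHERIT_FLAGS}
        rights = {g for g in groups if g not in INHERIT_FLAGS}
        aces.append((m["principal"].strip(), rights, inheritance))
    return aces


def writable_by_low_priv(text: str) -> list:
    """ACEs that let ordinary users plant files in the listed directory tree."""
    findings = []
    for principal, rights, inh in parse_icacls(text):
        hit = rights & WRITE_RIGHTS
        if principal not in LOW_PRIV or not hit:
            continue
        if "IO" in inh:
            scope = "subfolders/files only"
        elif inh & {"OI", "CI"}:
            scope = "this folder and children"
        else:
            scope = "this folder only"
        findings.append((principal, sorted(hit), scope))
    return findings


# Constructed sample in the shape of `icacls C:\` on a default Windows install;
# not captured from a real host.
SAMPLE_ICACLS = r"""C:\ NT AUTHORITY\SYSTEM:(OI)(CI)(F)
    BUILTIN\Administrators:(OI)(CI)(F)
    BUILTIN\Users:(OI)(CI)(RX)
    NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)
    NT AUTHORITY\Authenticated Users:(AD)
    Mandatory Label\High Mandatory Level:(OI)(NP)(IO)(NW)

Successfully processed 1 files; Failed processing 0 files
"""

if __name__ == "__main__":
    for v in ("10.2.0.1", "10.3.0.1", "10.4.01", "10.5"):
        print(f"{v:10} -> {assess_version(v)}")
    for principal, rights, scope in writable_by_low_priv(SAMPLE_ICACLS):
        print(f"{principal}: {','.join(rights)} ({scope})")
```

The sample ACL is what a default Windows system drive root grants: Authenticated Users get (AD), i.e. create subdirectory, on the root itself and (OI)(CI)(IO)(M) on everything created beneath it, so a standard user can create a directory tree under C:\ and write files into it without any misconfiguration. Whether that satisfies the advisory's "write access to the root drive" precondition depends on where NetBackup's commands look for the DLL, which the advisory does not say; the check above tells you whether the host is in the default, low-privilege-writable state, and `assess_version` tells you whether the version alone settles the question or a hotfix check is still needed.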

Solution

Upgrade to NetBackup 10.5, or remain on 10.4.01 or 10.3.01 and apply the appropriate hotfix for that release (the hotfix downloads are linked under See Also).

See Also

https://www.veritas.com/support/en_US/security/VTS24-012

https://www.veritas.com/support/en_US/downloads/update.UPD644013

https://www.veritas.com/support/en_US/downloads/update.UPD558217

Plugin Details

Severity: High

ID: 210588

File Name: veritas_netbackup_VTS24-012.nasl

Version: 1.3

Type: local

Agent: windows

Family: Windows

Published: 11/8/2024

Updated: 11/11/2024

Configuration: Enable paranoid mode

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS Score Rationale: Score based on analysis of the vendor advisory.

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:veritas:netbackup

Required KB Items: Settings/ParanoidReport, installed_sw/NetBackup

Patch Publication Date: 11/4/2024

Vulnerability Publication Date: 11/4/2024

Reference Information

IAVA: 2024-A-0704-S