CVE-2017-6404

Published: Mar 2, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data.

Affected (2)

Products: Veritas: Netbackup, Netbackup Appliance

Veritas

2 products

Netbackup

Netbackup Appliance

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Veritas Netbackup	Up to 7.6.1.2
Veritas Netbackup Appliance	Up to 2.6.1.2

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (4)

http://www.securityfocus.com/bid/96494

Source: cve@mitre.org

https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue9

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/96494

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue9

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.