fkie_nvd - fkie_cve-2015-6552

fkie_cve-2015-6552

Vulnerability from fkie_nvd

Published

2016-05-07 14:59

Modified

2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to make arbitrary RPC calls via unspecified vectors.

References

URL	Tags
secure@symantec.com	http://www.securitytracker.com/id/1035704
secure@symantec.com	https://www.veritas.com/content/support/en_US/security/VTS16-001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035704
af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS16-001.html	Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	netbackup_appliance	1.1.0.1
veritas	netbackup_appliance	1.1.0.2
veritas	netbackup_appliance	1.2
veritas	netbackup_appliance	2.0
veritas	netbackup_appliance	2.0.1
veritas	netbackup_appliance	2.0.2
veritas	netbackup_appliance	2.0.3
veritas	netbackup_appliance	2.5
veritas	netbackup_appliance	2.5.1
veritas	netbackup_appliance	2.5.2
veritas	netbackup_appliance	2.5.3
veritas	netbackup_appliance	2.6
veritas	netbackup_appliance	2.6.0.2
veritas	netbackup_appliance	2.6.0.3
veritas	netbackup_appliance	2.6.0.4
veritas	netbackup_appliance	2.6.1
veritas	netbackup_appliance	2.6.1.1
veritas	netbackup_appliance	2.6.1.2
veritas	netbackup_appliance	2.7.1
veritas	netbackup	7.0
veritas	netbackup	7.0.1
veritas	netbackup	7.1.0.1
veritas	netbackup	7.1.0.2
veritas	netbackup	7.1.0.3
veritas	netbackup	7.1.0.4
veritas	netbackup	7.5.0.1
veritas	netbackup	7.5.0.3
veritas	netbackup	7.5.0.4
veritas	netbackup	7.5.0.5
veritas	netbackup	7.5.0.6
veritas	netbackup	7.5.0.7
veritas	netbackup	7.6.0.2
veritas	netbackup	7.6.0.3
veritas	netbackup	7.6.0.4
veritas	netbackup	7.6.1.1
veritas	netbackup	7.6.1.2
veritas	netbackup	7.7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99C75EB-3507-4704-A565-AB2CF5369A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC406C50-6C2B-4160-890F-29DC444DC886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FBECC-2C4C-45D5-A1E8-6678C541AA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "46E3145F-197D-4860-AF50-8970CC803BFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17E4E50-9D65-460F-8BE1-27A174A6254A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A861A3-FF48-47AD-BDE0-323E12CB7819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC7B2BA-DC01-4611-921B-C8C94651F142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7002266-E3B0-4A96-BE09-741A30E74B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D8275D-EE04-4BF7-9482-AE75A2E21F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C24158D-E922-4B07-8F67-58DD714346E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "658F2C00-3B49-4011-9F83-62ED504F7476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE16FC2F-C5E8-43E5-A644-F4D5FF06B464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48563EA-D19E-4B62-8AE9-BE15D5EB8932",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E294AFF-E630-4A50-B3DE-E16AF3E595E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9465004-79E0-46B0-B66A-48F3665ADA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8A0C61-6B44-4344-AFC9-834B5B653B58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA84E2A3-6A57-4753-A6A6-61F6C4D817E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F92467E-E91F-464F-B8C0-8724E4DB83CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F9CE3B-72E9-4A37-8E42-5495AB4E8C33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACD568CB-7839-4DD4-AA6C-E3F14D54477B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4356423A-17CF-4013-977B-F151BB5CC206",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6B50CD5-C171-4E78-A22F-9B9ADFF505CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9E0A06-0022-43B1-9DFD-025D4FB13055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3F9EB4-412C-4CC0-95FC-8C56F1AAD880",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F34BBD63-741B-4AAE-BFFE-7BAACFF1BCA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40301990-E272-40C0-90B7-FCDA3B4B5CD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAED7E07-8FFC-48AD-9D50-0D65ACEE1529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9163537F-6657-4758-A980-6CCC8283F51B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD0859E-A3D1-416B-B841-EB052CAF6CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A5CAC2-5DD8-4FAE-B661-32A0017A557A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D741998D-20C0-4627-BF23-023D6C341746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01F5DFE7-64AF-4228-A30A-340B7BAA86EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D479700-9A02-466B-A2CD-107F6EAF4AC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E185B358-0805-4241-9960-23216974BEFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B672A9C-7549-4120-A966-D24090575506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E464653E-CFE4-4F9E-A021-DB16D9CE6046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:7.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C760A6C-ADA4-4D5D-8C63-54B1B93B1DEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to make arbitrary RPC calls via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n del protocolo management-services en Veritas NetBackup 7.x hasta la versi\u00f3n 7.5.0.7, 7.6.0.x hasta la versi\u00f3n 7.6.0.4, 7.6.1.x hasta la versi\u00f3n 7.6.1.2 y 7.7.x en versiones anteriores a 7.7.2 y NetBackup Appliance hasta la versi\u00f3n 2.5.4, 2.6.0.x hasta la versi\u00f3n 2.6.0.4, 2.6.1.x hasta la versi\u00f3n 2.6.1.2 y 2.7.x en versiones anteriores a 2.7.2 permite a atacantes remotos hacer llamadas RPC arbitrarias a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-6552",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-05-07T14:59:02.570",
  "references": [
    {
      "source": "secure@symantec.com",
      "url": "http://www.securitytracker.com/id/1035704"
    },
    {
      "source": "secure@symantec.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"
    }
  ],
  "sourceIdentifier": "secure@symantec.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-6552 (GCVE-0-2015-6552)

Vulnerability from cvelistv5

Published

2016-05-07 14:00