Vulnerabilites related to symantec - netbackup_server
Vulnerability from fkie_nvd
Published
2008-09-30 17:22
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to "bpjava* binaries."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | netbackup_enterprise_server | 5.1 | |
| symantec | netbackup_enterprise_server | 6.0 | |
| symantec | netbackup_enterprise_server | 6.5 | |
| symantec | netbackup_server | 5.1 | |
| symantec | netbackup_server | 6.0 | |
| symantec | netbackup_server | 6.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:netbackup_enterprise_server:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41EACE89-5A6D-44C6-8E58-F3773FA24F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:netbackup_enterprise_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "557DE286-5961-46B0-AB74-1FAB81214200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:netbackup_enterprise_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16280E59-273D-4A09-A7A0-24C102746715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:netbackup_server:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C3B5DE-1376-4079-B16D-2DF63BB1B7D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:netbackup_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "691FB20C-C2F7-4E04-9296-CDB3289FEA7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:netbackup_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A3134C1-5569-4161-8251-4B6055858977",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to \"bpjava* binaries.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Java Administration GUI (jnbSA) de Symantec Veritas NetBackup Server y NetBackup Enterprise Server v5.1 antes de MP7, v6.0 antes de MP7, y v6.5 antes de v6.5.2 permite a usuarios autenticados obtener privilegios a trav\u00e9s de vectores de ataque desconocidos relacionados a \"binarios bpjava*\""
}
],
"id": "CVE-2008-4339",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-30T17:22:09.443",
"references": [
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31221"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020928"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2672"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45386"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-4339 (GCVE-0-2008-4339)
Vulnerability from cvelistv5
Published
2008-09-30 17:00
Modified
2024-08-07 10:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to "bpjava* binaries."
References
| ▼ | URL | Tags |
|---|---|---|
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.symantec.com/avcenter/security/Content/2008.09.24a.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/31221 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1020928 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2672 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45386 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:35.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "239908",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html"
},
{
"name": "31221",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31221"
},
{
"name": "1020928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020928"
},
{
"name": "ADV-2008-2672",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2672"
},
{
"name": "veritas-netbackup-jnbsa-privilege-escalation(45386)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to \"bpjava* binaries.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "239908",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html"
},
{
"name": "31221",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31221"
},
{
"name": "1020928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020928"
},
{
"name": "ADV-2008-2672",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2672"
},
{
"name": "veritas-netbackup-jnbsa-privilege-escalation(45386)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45386"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to \"bpjava* binaries.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "239908",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2008.09.24a.html"
},
{
"name": "31221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31221"
},
{
"name": "1020928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020928"
},
{
"name": "ADV-2008-2672",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2672"
},
{
"name": "veritas-netbackup-jnbsa-privilege-escalation(45386)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45386"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4339",
"datePublished": "2008-09-30T17:00:00",
"dateReserved": "2008-09-30T00:00:00",
"dateUpdated": "2024-08-07T10:08:35.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}