Products
Veritas NetBackup
- before 10.4
NetBackup Appliance
- before 5.4
Source
cve@mitre.org
Tags
CVE-2024-34404 details
Last Modified : May 3, 2024, 12:50 p.m.
Description
A vulnerability was discovered in the Alta Recovery Vault feature of Veritas NetBackup before 10.4 and NetBackup Appliance before 5.4. By design, only the cloud administrator should be able to disable the retention lock of Governance mode images. This vulnerability allowed a NetBackup administrator to modify the expiration of backups under Governance mode (which could cause premature deletion).
CVSS Score
1 | 2 | 3 | 4 | 5 | 6.8 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
6.8
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
References
URL | Source |
---|---|
https://www.veritas.com/support/en_US/security/VTS24-004 | cve@mitre.org |