CVE-2017-6408

Severity CVSS v4.0:
Pending analysis
Type:
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
02/03/2017
Last modified:
20/04/2025

Description

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:veritas:netbackup:*:*:*:*:*:*:*:* 8.0 (including)
cpe:2.3:a:veritas:netbackup_appliance:*:*:*:*:*:*:*:* 3.0 (including)