CVE-2023-40256: NetBackup Snapshot Manager RabbitMQ Authentication Bypass Vulnerability

A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.

Revision History

  • 1.0: July 26, 2023: Initial version
  • 1.1: July 28, 2023: Updated Issue description

Summary

A vulnerability was discovered in Veritas NetBackup Snapshot Manager which allowed untrusted clients to interact with the RabbitMQ service.

Issue

The vulnerability was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this vulnerability impacts the confidentiality and integrity of messages controlling the backup and restore jobs and could result in the service becoming unavailable. This vulnerability impacts only the jobs controlling the backup and restore activities and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.

  • CVE ID: To be announced
  • Severity: Critical
  • CVSS v3.1 Base Score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  • CWE: 295 - Improper Certificate Validation
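
The advisory attributes the flaw to a RabbitMQ misconfiguration that left client certificates improperly validated, but does not name the setting involved. The following Python script is an added example, not Veritas or RabbitMQ code: it parses a rabbitmq.conf and audits the TLS client-certificate verification options, with a constructed weak configuration beside a hardened one. The keys it checks (ssl_options.verify, ssl_options.fail_if_no_peer_cert, ssl_options.cacertfile, listeners.tcp) are an assumption drawn from RabbitMQ's documented TLS options, not from the advisory, and the file paths in the samples are placeholders.

```python
"""Audit a rabbitmq.conf for client-certificate verification settings.

Added example for this advisory; not Veritas or RabbitMQ code. The advisory does
not name the misconfigured setting, so the keys checked below are an assumption
based on RabbitMQ's documented TLS options.
"""
import re
from typing import Dict, List

# Constructed sample: a TLS listener that never validates who connects, plus an
# open plaintext listener. Paths are placeholders.
WEAK_CONF = """\
listeners.tcp.default = 5672
listeners.ssl.default = 5671
ssl_options.cacertfile = /etc/rabbitmq/ca_certificate.pem
ssl_options.certfile   = /etc/rabbitmq/server_certificate.pem
ssl_options.keyfile    = /etc/rabbitmq/server_key.pem
ssl_options.verify = verify_none
ssl_options.fail_if_no_peer_cert = false
"""

# Constructed sample: the same listener with peer verification enforced and the
# plaintext listener disabled.
HARDENED_CONF = """\
listeners.tcp = none
listeners.ssl.default = 5671
ssl_options.cacertfile = /etc/rabbitmq/ca_certificate.pem
ssl_options.certfile   = /etc/rabbitmq/server_certificate.pem
ssl_options.keyfile    = /etc/rabbitmq/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
"""


def parse_conf(text: str) -> Dict[str, str]:
    """Parse the new-style rabbitmq.conf: `key = value` lines, `#` comments,
    blank lines. A later duplicate key overrides an earlier one."""
    conf: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"^([A-Za-z0-9_.]+)\s*=\s*(.*)$", line)
        if not m:
            raise ValueError(f"unparseable line: {raw!r}")
        conf[m.group(1)] = m.group(2).strip()
    return conf


def audit_client_cert_verification(text: str) -> List[str]:
    """Return findings; an empty list means the TLS listener requires and
    validates a client certificate and no plaintext listener is open."""
    conf = parse_conf(text)
    findings: List[str] = []

    if not any(k.startswith("listeners.ssl") for k in conf):
        findings.append("no TLS listener configured (listeners.ssl.*)")

    # Erlang ssl defaults to verify_none when the option is absent.
    if conf.get("ssl_options.verify", "verify_none") != "verify_peer":
        findings.append("ssl_options.verify is not verify_peer: "
                        "client certificate is not validated")

    # Without fail_if_no_peer_cert a client presenting no certificate is accepted.
    if conf.get("ssl_options.fail_if_no_peer_cert", "false").lower() != "true":
        findings.append("ssl_options.fail_if_no_peer_cert is not true: "
                        "clients may connect without any certificate")

    if "ssl_options.cacertfile" not in conf:
        findings.append("ssl_options.cacertfile missing: "
                        "no CA to validate client certificates against")

    # The plaintext listener stays enabled unless explicitly set to none.
    tcp_keys = [k for k in conf if k.startswith("listeners.tcp")]
    if conf.get("listeners.tcp") != "none" or len(tcp_keys) > 1:
        findings.append("plaintext listener enabled (listeners.tcp.*): "
                        "TLS client authentication can be bypassed entirely")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(f"{name}: {audit_client_cert_verification(text) or ['OK']}")
```

Run against a deployed configuration file by passing its contents to `audit_client_cert_verification`; the constructed weak sample produces three findings and the hardened sample none. Enforcing `verify_peer` with `fail_if_no_peer_cert = true` is what makes the CA in `ssl_options.cacertfile` actually gate who may talk to the broker.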

Affected Versions

Veritas NetBackup Snapshot Manager Versions 8.3.0.1, 8.3.0.2, 9.0, 9.1, 9.1.0.1, 10.0, 10.0.0.1, 10.1, 10.1.1, 10.2. Earlier unsupported versions of the predecessor Veritas NetBackup CloudPoint application may be affected as well.

Remediation

Customers under a current maintenance contract should update NetBackup Snapshot Manager as described below:

  • Upgrade to 10.2.0.1 (highly recommended)
  • Deploy the 10.1.1 Hotfix (upgrade to 10.1.1 is a pre-requisite)
  • Deploy the 10.0.0.1 Hotfix (upgrade to 10.0.0.1 is a pre-requisite)

See the Veritas Download Center for available updates: https://www.veritas.com/support/en_US/downloads

Questions

For questions or problems regarding these vulnerabilities, please contact Veritas Technical Support (https://www.veritas.com/support).

Acknowledgement

Veritas would like to thank Palindrome Technologies for responsibly reporting this issue to us.

Disclaimer

THE SECURITY ADVISORY IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

Veritas Technologies LLC
2625 Augustine Drive
Santa Clara, CA 95054
