PatchSiren cyber security CVE debrief
CVE-2017-6400 Veritas CVE debrief
CVE-2017-6400 describes a local command execution issue in Veritas NetBackup and NetBackup Appliance that can lead to privileged command execution on the affected system. NVD rates the flaw 8.8 (HIGH) with a local attack vector, low privileges required, no user interaction, and high impact to confidentiality, integrity, and availability. The published record dates to 2017-03-02. NVD’s affected CPE criteria also list Veritas Access through 7.2.1, alongside NetBackup through 7.7.1 and NetBackup Appliance through 2.7.1.
- Vendor: Veritas
- Product: CVE-2017-6400
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-03-02
- Original CVE updated: 2026-05-13
- Advisory published: 2017-03-02
- Advisory updated: 2026-05-13
Who should care
Administrators and security teams running Veritas NetBackup, NetBackup Appliance, or related Veritas Access deployments on systems where local users may have access. Endpoint and server hardening teams should also care because the flaw is exploitable from the local system and can produce elevated command execution.
Technical summary
The NVD entry maps this vulnerability to CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating a low-complexity local attack that requires low privileges and no user interaction. The issue is described as privileged command execution on the NetBackup Server and Client (local system). Affected version criteria in NVD include Veritas NetBackup 7.7.1 and earlier, NetBackup Appliance 2.7.1 and earlier, and Veritas Access 7.2.1 and earlier. The vendor advisory reference in the source corpus points to Veritas security bulletin VTS17-003.
Defensive priority
High for environments with local-user exposure on affected Veritas systems. Because the flaw can yield privileged command execution with high CIA impact, upgrading to fixed releases should be prioritized over routine maintenance. Systems that already restrict local access are still in scope if an attacker can obtain any low-privilege foothold.
Recommended defensive actions
- Upgrade Veritas NetBackup to 7.7.2 or later.
- Upgrade Veritas NetBackup Appliance to 2.7.2 or later.
- If Veritas Access is deployed, verify whether the environment is at or below 7.2.1 and upgrade to a fixed release.
- Review the Veritas advisory VTS17-003 and validate vendor-recommended remediation steps for your product line.
- Limit and monitor local administrative and shell access on backup servers and appliances to reduce exposure to local privilege abuse.
- Audit affected systems for unexpected command execution activity and privilege escalation indicators before and after remediation.
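The upgrade and verification steps above can be turned into a triage pass over a software inventory. This is an added example, not code from the advisory or from Veritas; the inventory rows, host names, product labels, status names and function names are assumptions made up for the illustration.

```python
import re

# Thresholds taken from the page: fixed releases for NetBackup and the
# Appliance, and the NVD "through" bound for Access (no fixed release is named).
RULES = {
    "netbackup": ("fixed_in", (7, 7, 2)),
    "netbackup appliance": ("fixed_in", (2, 7, 2)),
    "access": ("affected_through", (7, 2, 1)),
}

def parse_version(text):
    """Return a tuple of ints, or None if the string is not dotted-numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", text.strip()):
        return None
    return tuple(int(p) for p in text.strip().split("."))

def pad(a, b):
    """Zero-pad two version tuples to equal length so 7.7 compares as 7.7.0."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))

def triage(product, version):
    """Classify one row: AFFECTED, OK (outside the listed range), REVIEW or UNKNOWN."""
    rule = RULES.get(product.strip().lower())
    parsed = parse_version(version)
    if rule is None or parsed is None:
        return "UNKNOWN"
    kind, bound = rule
    v, b = pad(parsed, bound)
    if kind == "fixed_in":
        return "AFFECTED" if v < b else "OK"
    if v <= b:
        return "AFFECTED"
    # A sub-release of the last listed version (e.g. 7.2.1.x) is not
    # covered by the page either way, so it goes to a human.
    return "REVIEW" if parsed[:len(bound)] == bound else "OK"

# Constructed inventory rows (host names and versions are made up).
INVENTORY = [
    ("bkp-master01", "NetBackup", "7.7.1"),
    ("bkp-media02", "NetBackup", "7.7.2"),
    ("bkp-client17", "NetBackup", "7.6.0.4"),
    ("appliance01", "NetBackup Appliance", "2.7.1"),
    ("nas-access01", "Access", "7.2.1.1"),
    ("bkp-legacy", "NetBackup", "unknown"),
]

def report(rows):
    """Map each host to its triage status."""
    return {host: triage(product, version) for host, product, version in rows}
```

Rows that come back UNKNOWN or REVIEW need a manual check against Veritas advisory VTS17-003 rather than being treated as clean.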
Evidence notes
All core claims are supported by the supplied NVD record and referenced Veritas advisory link. The publication date used here is the CVE publication timestamp of 2017-03-02T06:59:00.573Z, not the later NVD modification timestamp. Affected versions are taken from the NVD CPE criteria and the product description in the CVE record.
Official resources
- CVE-2017-6400 CVE record (CVE.org)
- CVE-2017-6400 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
- Mitigation or vendor reference: [email protected] - Vendor Advisory
CVE published: 2017-03-02T06:59:00.573Z. The source record was later modified by NVD on 2026-05-13T00:24:29.033Z; this later timestamp reflects record maintenance, not the vulnerability’s original disclosure date.