PatchSiren cyber security CVE debrief
CVE-2017-6401 Veritas CVE debrief
CVE-2017-6401 is a local command-execution vulnerability in Veritas NetBackup and NetBackup Appliance. According to the NVD record, affected releases are NetBackup before 8.0 and NetBackup Appliance before 3.0, and the issue can lead to local arbitrary command execution when using bpcd and bpnbat.
- Vendor: Veritas
- Product: CVE-2017-6401
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-03-02
- Original CVE updated: 2026-05-13
- Advisory published: 2017-03-02
- Advisory updated: 2026-05-13
Who should care
Administrators and security teams responsible for Veritas NetBackup or NetBackup Appliance deployments, especially environments that allow local user access or rely on these services for backup management.
Technical summary
The NVD entry classifies the issue as CVSS 3.0 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H and maps it to CWE-269. The vulnerability is described as local arbitrary command execution involving bpcd and bpnbat, indicating a privilege-related control failure that can expose affected hosts to full compromise if exploited by a local user with the required privileges.
Defensive priority
High for any organization running affected Veritas NetBackup or NetBackup Appliance versions. The combination of local access, command execution, and high confidentiality/integrity/availability impact makes this a priority hardening and patching item.
Recommended defensive actions
- Upgrade Veritas NetBackup to a version at or above 8.0.
- Upgrade Veritas NetBackup Appliance to a version at or above 3.0.
- Review and restrict local access to backup server and appliance systems.
- Audit service and administrative permissions around bpcd and bpnbat.
- Consult the Veritas security advisory referenced by the NVD entry for vendor guidance.
Evidence notes
This debrief is based on the NVD CVE record and the vendor advisory reference listed there. The NVD description states that the issue affects Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0 and can permit local arbitrary command execution when using bpcd and bpnbat. The CVSS vector and CWE mapping are taken from the NVD metadata.
Official resources
- CVE-2017-6401 CVE record (CVE.org)
- CVE-2017-6401 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
- Mitigation or vendor reference: [email protected] - Vendor Advisory
CVE published on 2017-03-02T06:59:00.590Z. This debrief uses the published CVE date and the source record metadata provided.