kennyloLevel 23 years agoIs netbackup master server affected by CVE-2022-42889?Is netbackup master server affected by CVE-2022-42889? Thanks. Master Server Version 9.1.0.1 CVE-2022-42889https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/https://www.bleepingcomputer.com/news/security/apache-commons-text-rce-flaw-keep-calm-and-patch-away/
NicolaiModerator3 years agohi kennylo See : https://www.veritas.com/content/support/en_US/securityand https://www.cvedetails.com/vulnerability-list/vendor_id-1884/product_id-4116/Veritas-Netbackup.htmlHamza_HModerator3 years agoBased on what Nicolai shared (thank you for the helpful links) it looks like only data insight is affected by this CVE. so netbackup is not affected (yet).kennyloLevel 23 years agoThanks both.
NicolaiModerator3 years agohi kennylo See : https://www.veritas.com/content/support/en_US/securityand https://www.cvedetails.com/vulnerability-list/vendor_id-1884/product_id-4116/Veritas-Netbackup.html
Hamza_HModerator3 years agoBased on what Nicolai shared (thank you for the helpful links) it looks like only data insight is affected by this CVE. so netbackup is not affected (yet).
Related ContentData Insight - CVE-2022-42889 vulnerability in Apache Commons Text, dubbed "Text4Shell"Oracle redirected restore: bug from Netbackup version 8.3 still affecting version 10?Security Advisory affecting NetBackup on Windows--Issue: Arbitrary File DeleteNetBackup for MySQLRe: Unable to connect to DLO Administration Server.Failed to load configuration settings
Recent DiscussionsNetBackup 10.5 Automatic Malware Scanning of Malware-Tagged Imported ImagesNutanix backup with NBUIT Analitycs 11.5 report for jobs running more then 10 hoursBMR Master Server on Netbackup Flex ApplianceNetbackup upgrade 10.2 to 10.2.0.1 fails