Quest NetVault Backup NVBUJobCountHistory Get Method SQL Injection
TSL ID TSL20171215-08
CVE ID(s) CVE-2017-17420
Severity High

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUJobCountHistory class.

A remote unauthenticated attacker could exploit this vulnerability by sending maliciously crafted requests to the target server. Successful exploitation of the vulnerability could allow the attacker to execute arbitrary code under the security context of the database service.

At the time of writing, the vendor has not released any advisory regarding this vulnerability. According to Trend Micro Zero Day Initiative, the vulnerability has been resolved in version 11.4.5.

Affected Products
  • Quest Software NetVault Backup prior to 11.4.5
CVSS Score Base 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.5 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Related Threats