HTTP: Quest NetVault Backup NVBUTransferHistory Get Method SQL Injection
An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. Successful exploitation of the vulnerabilities could allow the attacker to execute arbitrary code under the security context of the database service.
Extended Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Count method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. Was ZDI-CAN-4238.
Affected Products
Quest netvault_backup
Short Name
HTTP:SQL:QUEST-SQLI
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Backup CVE-2017-17412 CVE-2017-17419 CVE-2017-17420 CVE-2017-17652 Get Injection Method NVBUTransferHistory NetVault Quest SQL
Release Date
03/13/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3693
False Positive
Unknown
Vendors
Quest
CVSS Score
7.5