SQL Injection in Quest Netvault Backup
CVE-2017-17423
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling…
Vulnerability class: SQL Injection
EPSS: 0.041 (89.4th percentile) — read the EPSS interpretation.
Affected products
- Quest Netvault Backup — versions 11.3.0.12
Weakness classification (CWE)
References
- zerodayinitiative.com/advisories/ZDI-17-976 (x_refsource_MISC)