Strix
26.1K

CVE-2023-40256

CRITICALCVSS 9.8/10EPSS 0.33%

Last modified

CVE-2023-40256 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. EPSS estimates a 0.33% chance of exploitation in the next 30 days.

Description

A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.33%

25.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
VeritasNetbackup Snapshot Manager<= 8.3.0.2
VeritasNetbackup Snapshot Manager9.0
VeritasNetbackup Snapshot Manager9.1
VeritasNetbackup Snapshot Manager9.1.0.1
VeritasNetbackup Snapshot Manager10.0
VeritasNetbackup Snapshot Manager10.0.0.1
VeritasNetbackup Snapshot Manager10.1
VeritasNetbackup Snapshot Manager10.1.1
VeritasNetbackup Snapshot Manager10.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-40256?
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.
How severe is CVE-2023-40256?
CVE-2023-40256 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 0.33% probability of exploitation in the next 30 days.
How do I fix CVE-2023-40256?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-40256?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST