{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-04-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-29T16:57:01.000Z", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"}, {"name": "1035704", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035704"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "ID": "CVE-2015-6551", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html", "refsource": "CONFIRM", "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"}, {"name": "1035704", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035704"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:22:22.172Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"}, {"name": "1035704", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035704"}]}]}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2015-6551", "datePublished": "2016-05-07T14:00:00.000Z", "dateReserved": "2015-08-21T00:00:00.000Z", "dateUpdated": "2024-08-06T07:22:22.172Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D99C75EB-3507-4704-A565-AB2CF5369A74", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC406C50-6C2B-4160-890F-29DC444DC886", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "778FBECC-2C4C-45D5-A1E8-6678C541AA02", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "46E3145F-197D-4860-AF50-8970CC803BFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A17E4E50-9D65-460F-8BE1-27A174A6254A", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5A861A3-FF48-47AD-BDE0-323E12CB7819", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "7EC7B2BA-DC01-4611-921B-C8C94651F142", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B7002266-E3B0-4A96-BE09-741A30E74B40", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "04D8275D-EE04-4BF7-9482-AE75A2E21F0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C24158D-E922-4B07-8F67-58DD714346E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "658F2C00-3B49-4011-9F83-62ED504F7476", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "AE16FC2F-C5E8-43E5-A644-F4D5FF06B464", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A48563EA-D19E-4B62-8AE9-BE15D5EB8932", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6E294AFF-E630-4A50-B3DE-E16AF3E595E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B9465004-79E0-46B0-B66A-48F3665ADA8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE8A0C61-6B44-4344-AFC9-834B5B653B58", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA84E2A3-6A57-4753-A6A6-61F6C4D817E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "1F92467E-E91F-464F-B8C0-8724E4DB83CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "16F9CE3B-72E9-4A37-8E42-5495AB4E8C33", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:veritas:netbackup:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "ACD568CB-7839-4DD4-AA6C-E3F14D54477B", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4356423A-17CF-4013-977B-F151BB5CC206", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D6B50CD5-C171-4E78-A22F-9B9ADFF505CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF9E0A06-0022-43B1-9DFD-025D4FB13055", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5B3F9EB4-412C-4CC0-95FC-8C56F1AAD880", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F34BBD63-741B-4AAE-BFFE-7BAACFF1BCA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "40301990-E272-40C0-90B7-FCDA3B4B5CD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "EAED7E07-8FFC-48AD-9D50-0D65ACEE1529", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "9163537F-6657-4758-A980-6CCC8283F51B", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAD0859E-A3D1-416B-B841-EB052CAF6CEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "54A5CAC2-5DD8-4FAE-B661-32A0017A557A", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D741998D-20C0-4627-BF23-023D6C341746", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "01F5DFE7-64AF-4228-A30A-340B7BAA86EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6D479700-9A02-466B-A2CD-107F6EAF4AC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E185B358-0805-4241-9960-23216974BEFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B672A9C-7549-4120-A966-D24090575506", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E464653E-CFE4-4F9E-A021-DB16D9CE6046", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:netbackup:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C760A6C-ADA4-4D5D-8C63-54B1B93B1DEF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets."}, {"lang": "es", "value": "Veritas NetBackup 7.x hasta la versi\u00f3n 7.5.0.7 y 7.6.0.x hasta la versi\u00f3n 7.6.0.4 y NetBackup Appliance hasta la versi\u00f3n 2.5.4 y 2.6.0.x hasta la versi\u00f3n 2.6.0.4 no utilizan TLS para el tr\u00e1fico de la consola de administraci\u00f3n al servidor NBU, lo que permite a atacantes remotos obtener informaci\u00f3n sensible husmeando la red en busca de paquetes de intercambio de clave."}], "id": "CVE-2015-6551", "lastModified": "2026-05-06T22:30:45.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-07T14:59:01.197", "references": [{"source": "secure@symantec.com", "url": "http://www.securitytracker.com/id/1035704"}, {"source": "secure@symantec.com", "tags": ["Vendor Advisory"], "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035704"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.veritas.com/content/support/en_US/security/VTS16-001.html"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}