CVE-2017-17423 : Security Advisory and Response

Learn about CVE-2017-17423, a critical vulnerability in Quest NetVault Backup 11.3.0.12 allowing remote code execution without authentication. Find mitigation steps and preventive measures here.

A vulnerability in Quest NetVault Backup 11.3.0.12 allows remote attackers to execute code without authentication, posing a significant security risk.

Understanding CVE-2017-17423

This CVE involves a flaw in the handling of user-provided strings in SQL queries within the NVBUBackupSegment Get method, enabling attackers to run code within the database's context.

What is CVE-2017-17423?

The vulnerability in Quest NetVault Backup 11.3.0.12 permits remote code execution without requiring authentication, making it exploitable by malicious actors.

The Impact of CVE-2017-17423

        Remote attackers can execute arbitrary code on vulnerable installations without authentication
        Improper validation of user-supplied strings allows attackers to construct SQL queries
        Attackers can exploit this flaw to run code within the database's context

Technical Details of CVE-2017-17423

This section provides detailed technical insights into the vulnerability.

Vulnerability Description

The vulnerability arises from improper validation of user-supplied strings before using them to create SQL queries within the NVBUBackupSegment Get method.
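
The class of flaw described above, shown as an added example that is not Quest's code and not part of the original advisory: a query built by string concatenation beside the same lookup with a bound parameter. The `segments` table, its rows, the function names and the crafted input are all constructed for illustration, and SQLite stands in for the product's database.

```python
import sqlite3

def make_db():
    """In-memory table standing in for a backup-segment store (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE segments (id INTEGER PRIMARY KEY, job TEXT, owner TEXT)")
    db.executemany(
        "INSERT INTO segments (job, owner) VALUES (?, ?)",
        [("nightly-db", "alice"), ("weekly-fs", "bob"), ("hr-archive", "carol")],
    )
    return db

def get_segments_unsafe(db, job):
    # Flawed pattern: the caller's string becomes part of the SQL text,
    # so a quote inside it can change the structure of the query.
    sql = "SELECT id, job, owner FROM segments WHERE job = '" + job + "'"
    return db.execute(sql).fetchall()

def get_segments_safe(db, job):
    # Corrected pattern: validate the input, keep the SQL text fixed,
    # and bind the value so the driver always treats it as data.
    if not isinstance(job, str) or len(job) > 64:
        raise ValueError("job name must be a string of at most 64 characters")
    return db.execute(
        "SELECT id, job, owner FROM segments WHERE job = ?", (job,)
    ).fetchall()

# Constructed input: a quote closes the string literal, then adds a tautology.
CRAFTED = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("unsafe, normal :", get_segments_unsafe(db, "nightly-db"))
    print("unsafe, crafted:", get_segments_unsafe(db, CRAFTED))  # every row
    print("safe, crafted  :", get_segments_safe(db, CRAFTED))    # no rows
```

With the bound parameter the crafted string is compared as a literal job name and matches nothing, which is the behaviour a code review or regression test for this class of bug should assert.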

Affected Systems and Versions

        Product: Quest NetVault Backup
        Vendor: Quest
        Version: 11.3.0.12

Exploitation Mechanism

Attackers can exploit the lack of proper validation of user-supplied strings to execute code within the database's context.

Mitigation and Prevention

Protecting systems from CVE-2017-17423 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Apply vendor-supplied patches or updates promptly
        Implement network security measures to restrict access to vulnerable systems

Long-Term Security Practices

        Regularly update and patch software to address known vulnerabilities
        Conduct security assessments and penetration testing to identify and remediate weaknesses

Patching and Updates

        Quest NetVault Backup users should apply the latest patches provided by the vendor to mitigate the vulnerability
