CVE-2024-34404

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published May 3, 2024

Summary

CVE-2024-34404 is a vulnerability affecting the Alta Recovery Vault feature in Veritas NetBackup versions before 10.4 and NetBackup Appliance versions before 5.4. The issue permits a NetBackup administrator to manipulate the expiration of backups under Governance mode, an action that is typically restricted to the cloud administrator. This could potentially result in premature deletion of critical data. The vulnerability arises due to a design weakness that grants excessive privileges to NetBackup administrators.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vvJcrM
https://www.cve.org/CVERecord?id=CVE-2024-34404
https://nvd.nist.gov/vuln/detail/CVE-2024-34404

Back to Vulnerability Database

CVE-2024-34404

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations