cvedb.io
CVE-2017-8895
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-05-10T21:29:00.177 · Last modified 2026-06-17T01:27:09.703

Summary

In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.

Affected products

veritas — backup_exec

Does this affect you?

Add your gear to cvedb and we'll alert you only when veritas ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.