CVE-2023-40256 in NetBackup Snapshot Managerinfo

Summary

by MITRE • 08/11/2023

A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the confidentiality and integrity of messages controlling the backup and restore jobs, and could result in the service becoming unavailable. This impacts only the jobs controlling the backup and restore activities, and does not allow access to (or deletion of) the backup snapshot data itself. This vulnerability is confined to the NetBackup Snapshot Manager feature and does not impact the RabbitMQ instance on the NetBackup primary servers.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 01/27/2026

This vulnerability exists within Veritas NetBackup Snapshot Manager version prior to 10.2.0.1 where an improper certificate validation mechanism allows unauthorized clients to establish connections with the RabbitMQ messaging service. The flaw stems from misconfigured RabbitMQ service parameters that fail to properly authenticate client certificates, creating an attack vector for malicious actors to intercept and manipulate backup and restore job communications. The vulnerability specifically affects the message queue infrastructure used for coordinating backup operations rather than the actual data storage components. This misconfiguration enables attackers to potentially disrupt backup operations and compromise the integrity of backup job communications while maintaining confidentiality of the underlying backup data itself. The issue is categorized under CWE-295 which addresses improper certificate validation and aligns with ATT&CK technique T1566 for credential access through service exploitation.

The operational impact of this vulnerability extends beyond simple service disruption to potentially compromise the entire backup orchestration process. Attackers exploiting this weakness could manipulate backup schedules, interfere with restore operations, and potentially cause backup jobs to fail or produce inconsistent results. The confidentiality of backup job messages becomes compromised as attackers can intercept communications between backup clients and the snapshot manager service. Integrity issues arise when malicious actors modify backup job parameters or status updates, potentially leading to unauthorized backup operations or data corruption. While the vulnerability does not directly enable access to backup snapshot data itself, it creates a critical point of failure in the backup management infrastructure that could indirectly lead to data loss or service unavailability. The attack surface is limited to the NetBackup Snapshot Manager feature specifically, but this component is essential for backup job coordination and management.

Mitigation strategies should focus on implementing proper certificate validation mechanisms within the RabbitMQ service configuration for Veritas NetBackup Snapshot Manager. Organizations must ensure that client certificates are properly validated against trusted certificate authorities and that the service configuration enforces strict authentication requirements. The recommended approach includes updating to Veritas NetBackup Snapshot Manager version 10.2.0.1 or later where this vulnerability has been addressed. Network segmentation should be implemented to limit access to the RabbitMQ service to only authorized backup clients and management systems. Additional security controls such as firewall rules, network access controls, and monitoring of RabbitMQ connections should be deployed to detect unauthorized access attempts. The configuration should enforce mutual TLS authentication where both client and server present valid certificates, preventing the scenario where untrusted clients can establish connections. Regular security audits of messaging service configurations and certificate management processes should be conducted to prevent similar misconfigurations from occurring in other components of the backup infrastructure.

Responsible

MITRE

Reservation

08/11/2023

Disclosure

08/11/2023

Moderation

accepted

CPE

ready

EPSS

0.00334

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!