CVE-2026-9780
Quest · NetVault Backup
Quest NetVault Backup contains a cross-site scripting (XSS) vulnerability in the addclient3 function that permits authentication bypass.
Executive summary
A critical authentication bypass flaw in Quest NetVault Backup via the addclient3 function exposes administrative interfaces to unauthorized script execution.
Vulnerability
This vulnerability involves an XSS flaw within the addclient3 function, which fails to adequately sanitize user input, leading to an authentication bypass. This allows an attacker to manipulate client registration processes and gain unauthorized access to the backup management console.
Business impact
With a CVSS score of 8.8, this vulnerability represents a substantial threat to internal security controls. Exploitation could allow an attacker to gain administrative control over the backup environment, potentially leading to unauthorized modification of configurations or complete loss of data availability.
Remediation
Immediate Action: Update the Quest NetVault Backup environment to the latest version released by the vendor to resolve the addclient3 vulnerability.
Proactive Monitoring: Monitor network traffic and application logs for unusual activity associated with client management functions.
Compensating Controls: Utilize a Web Application Firewall (WAF) to inspect and block malicious requests containing script-based payloads directed at the addclient3 endpoint.
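The monitoring and request inspection described above, as an added example (not Quest's code and not part of the original advisory): a Python filter over reverse-proxy access logs that flags addclient3 requests carrying script-like markers, including percent-encoded and double-encoded forms. The combined log format, the `/hypothetical/` path and the `name` parameter are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import unquote_plus

# Combined-log-format prefix: ip, timestamp, request line, status (assumed format).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Heuristic markers of script-based payloads after decoding (not exhaustive).
SCRIPT_RE = re.compile(
    r'<\s*script|javascript\s*:|<[^>]*\bon\w+\s*=|<\s*(?:svg|img|iframe)\b', re.I)

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding so double-encoded payloads are still seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_addclient3(lines):
    """Return (ip, timestamp, decoded target) for script-like addclient3 requests."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse as access-log entries
        target = fully_decode(m.group("target"))
        if "addclient3" in target.lower() and SCRIPT_RE.search(target):
            hits.append((m.group("ip"), m.group("ts"), target))
    return hits

# Constructed sample lines; the /hypothetical/ path and "name" parameter are placeholders.
SAMPLE = [
    '10.0.0.5 - - [01/Jan/2026:10:00:00 +0000] "POST /hypothetical/addclient3?name=backup-node-7 HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2026:10:02:11 +0000] "POST /hypothetical/addclient3?name=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 498',
    '10.0.0.9 - - [01/Jan/2026:10:02:40 +0000] "POST /hypothetical/addclient3?name=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 498',
    '10.0.0.7 - - [01/Jan/2026:10:03:00 +0000] "GET /hypothetical/status?q=%3Cscript%3E HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    for ip, ts, target in suspicious_addclient3(SAMPLE):
        print(f"{ts} {ip} {target}")
```

Access logs normally record only the request line, so payloads carried in a POST body still need inspection at the WAF or proxy itself.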
Exploitation status
Public Exploit Available: false
Analyst recommendation
The severity of this issue necessitates urgent attention from IT security teams. Applying the vendor's patch is the only definitive way to remediate this authentication bypass; regular verification of patch compliance across all backup nodes is highly recommended.