Filtered by vendor Veritas
Subscribe
Total
104 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37000 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. | |||||
CVE-2022-36997 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 8.8 HIGH |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service. | |||||
CVE-2022-36991 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server. | |||||
CVE-2022-36987 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server. | |||||
CVE-2022-36985 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 7.8 HIGH |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. | |||||
CVE-2022-36986 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 9.8 CRITICAL |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. | |||||
CVE-2022-36988 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 8.8 HIGH |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server. | |||||
CVE-2022-36951 | 1 Veritas | 1 Netbackup | 2024-02-04 | N/A | 9.8 CRITICAL |
In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | |||||
CVE-2022-36948 | 1 Veritas | 1 Netbackup | 2024-02-04 | N/A | 5.4 MEDIUM |
In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | |||||
CVE-2022-36956 | 1 Veritas | 1 Netbackup | 2024-02-04 | N/A | 7.5 HIGH |
In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1. | |||||
CVE-2022-36994 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server. | |||||
CVE-2022-41319 | 1 Veritas | 1 Desktop And Laptop Option | 2024-02-04 | N/A | 6.1 MEDIUM |
A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI). This affects versions before 9.8 (e.g., 9.1 through 9.7). | |||||
CVE-2022-36999 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. | |||||
CVE-2022-36954 | 1 Veritas | 1 Netbackup | 2024-02-04 | N/A | 6.5 MEDIUM |
In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | |||||
CVE-2022-36995 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 4.3 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server. | |||||
CVE-2022-36993 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 8.8 HIGH |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | |||||
CVE-2022-36955 | 1 Veritas | 1 Netbackup | 2024-02-04 | N/A | 8.4 HIGH |
In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1. | |||||
CVE-2022-36996 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-02-04 | N/A | 6.5 MEDIUM |
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server. | |||||
CVE-2022-26483 | 1 Veritas | 1 Infoscale Operations Manager | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization). | |||||
CVE-2022-26778 | 1 Veritas | 1 System Recovery | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. This could allow a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access. |