Lucene search

K
cve[email protected]CVE-2022-36994
HistoryJul 28, 2022 - 1:15 a.m.

CVE-2022-36994

2022-07-2801:15:18
web.nvd.nist.gov
32
4
veritas
netbackup
cve-2022-36994
information security
file reading
authenticated access

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.3%

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.

Affected configurations

NVD
Node
veritasflex_applianceMatch1.2
OR
veritasflex_applianceMatch1.3
OR
veritasflex_applianceMatch2.0
OR
veritasflex_applianceMatch2.0.1
OR
veritasflex_applianceMatch2.0.2
OR
veritasflex_applianceMatch2.1
OR
veritasflex_scaleMatch1.3.1
OR
veritasflex_scaleMatch2.1
OR
veritasnetbackupMatch8.1.1
OR
veritasnetbackupMatch8.1.2
OR
veritasnetbackupMatch8.2
OR
veritasnetbackupMatch8.3
OR
veritasnetbackupMatch8.3.0.1
OR
veritasnetbackupMatch8.3.0.2
OR
veritasnetbackupMatch9.0
OR
veritasnetbackupMatch9.0.0.1
OR
veritasnetbackupMatch9.1
OR
veritasnetbackupMatch9.1.0.1
OR
veritasnetbackup_applianceMatch3.1.1
OR
veritasnetbackup_applianceMatch3.1.2
OR
veritasnetbackup_applianceMatch3.2
OR
veritasnetbackup_applianceMatch4.0
OR
veritasnetbackup_applianceMatch4.1
OR
veritasnetbackup_applianceMatch3.2maintenance_release1
OR
veritasnetbackup_applianceMatch3.2maintenance_release2
OR
veritasnetbackup_applianceMatch3.2maintenance_release3
OR
veritasnetbackup_applianceMatch3.3.0.1maintenance_release1
OR
veritasnetbackup_applianceMatch3.3.0.1maintenance_release2
OR
veritasnetbackup_applianceMatch3.3.0.2maintenance_release1
OR
veritasnetbackup_applianceMatch3.3.0.2maintenance_release2
OR
veritasnetbackup_applianceMatch4.0.0.1maintenance_release1
OR
veritasnetbackup_applianceMatch4.0.0.1maintenance_release2
OR
veritasnetbackup_applianceMatch4.0.0.1maintenance_release3
OR
veritasnetbackup_applianceMatch4.1.0.1maintenance_release1
OR
veritasnetbackup_applianceMatch4.1.0.1maintenance_release2

Social References

More

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.3%

Related for CVE-2022-36994