Lucene search

[email protected]NVD:CVE-2022-46414

HistoryDec 04, 2022 - 5:15 a.m.

CVE-2022-46414

2022-12-0405:15:10

[email protected]

web.nvd.nist.gov

veritas netbackup

remote command execution

unauthenticated

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

65.5%

JSON

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.

Affected configurations

Nvd

Node

veritasaccess_applianceRange≤8.0.100

veritasnetbackup_flex_scale_applianceRange≤3.0

VendorProductVersionCPE
veritasaccess_appliance*cpe:2.3:a:veritas:access_appliance:*:*:*:*:*:*:*:*
veritasnetbackup_flex_scale_appliance*cpe:2.3:a:veritas:netbackup_flex_scale_appliance:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
veritas	access_appliance	*	cpe:2.3:a:veritas:access_appliance::::::::
veritas	netbackup_flex_scale_appliance	*	cpe:2.3:a:veritas:netbackup_flex_scale_appliance::::::::

References

www.veritas.com/content/support/en_US/security/VTS22-019#issue1

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

65.5%

JSON

Related for NVD:CVE-2022-46414

cvelist1 prion1 cve1