CVE-2023-26789

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...

CVE-2022-36955

In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1...

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...

CVE-2022-36955

In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1...

Command injection

In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1...

CVE-2018-1925

CVE-2018-1925 affects IBM WebSphere MQ (and the MQ Console) versions 9.1.0.0, 9.1.0.1, and 9.1.1, where weaker-than-expected cryptographic algorithms could permit an attacker to decrypt highly sensitive information (man-in-the-middle risk). Connected IBM advisories corroborate affected ranges and...

Security Bulletin: IBM MQ Appliance is affected by a Mozilla Network Security Services (NSS) vulnerability (CVE-2018-12384)

Summary IBM MQ Appliance has addressed the following Mozilla Network Security Services NSS vulnerability. Vulnerability Details CVEID: CVE-2018-12384 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caus...

Security Bulletin: IBM MQ Appliance is affected by a UI message injection vulnerability (CVE-2018-1666)

Summary IBM MQ Appliance has addressed the following UI message injection vulnerability. Vulnerability Details CVEID: CVE-2018-1666 DESCRIPTION: IBM WebSphere DataPower Appliances could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. CVSS Base Score: 4....

Security Bulletin: IBM MQ Appliance is affected by a XML External Entity Injection (XXE) vulnerability (CVE-2018-1669)

Summary IBM MQ Appliance has addressed the following XML External Entity Injection XXE vulnerability. Vulnerability Details CVEID: CVE-2018-1669 DESCRIPTION: IBM WebSphere DataPower Appliances is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker...

Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2018-0732)

Summary IBM MQ Appliance has addressed the following denial of service vulnerability. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Service Tester.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 and 1.7 used by Rational Service Tester. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Performance Tester.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 and 1.7 used by Rational Performance Tester. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime deliver...