CVE-2022-42302

The connected Red Hat and NVD entries confirm CVE-2022-42302 affects Veritas NetBackup up to version 10.0 and related Veritas products, with the NetBackup Primary server vulnerable via the NBFSMCLIENT service to a SQL Injection. This is the underlying cause and is tied to high-impact outcomes (C,...

CVE-2022-42303

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302...

CVE-2022-42303

Veritas NetBackup (through v10.0 and related Veritas products) is affected by a SQL Injection issue in the NBFSMCLIENT service. CVE-2022-42302 describes the vulnerability in the NetBackup Primary server; CVE-2022-42303 notes a second-order SQL Injection vector leveraging CVE-2022-42302. Red Hat e...

CVE-2022-42304

CVE-2022-42304 concerns Veritas NetBackup (Primary server) up to version 10.0 and related Veritas products. The issue is a SQL Injection affecting the idm, nbars, and SLP manager code. Root cause details across connected sources indicate the vulnerability resides in SQL injection pathways within ...

CVE-2022-42304

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code...

CVE-2022-42305

Veritas NetBackup through 10.0.0.1 is affected by a path traversal vulnerability in the DiscoveryService that could lead to sensitive data exposure. The issue affects NetBackup Primary servers prior to a version containing the fix; affected component is the DiscoveryService path handling. Impact ...

CVE-2022-42306

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbxexchange during registration and cause a NULL pointer exception, effectively crashing the pbxexchange process...

CVE-2022-42306

Summary: CVE-2022-42306 affects Veritas NetBackup (and related Veritas products) prior to 8.3. A local attacker can send a crafted packet to the pbx_exchange component during registration, triggering a NULL pointer dereference that crashes the pbx_exchange process (denial of service). Affected ve...

CVE-2022-42307

CVE-2022-42307 affects Veritas NetBackup 10.0.0.1 and earlier, where the NetBackup Primary server’s DiscoveryService is vulnerable to XML External Entity (XXE) Injection. An attacker can exploit the flaw via crafted XML to potentially read local files, with the NVD entry citing high impact across...

CVE-2022-42308

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbxexchange registration code...

CVE-2022-42308

CVE-2022-42308 affects Veritas NetBackup (and related Veritas products) prior to 8.3. A path traversal in the pbx_exchange registration code allows a local attacker to delete arbitrary files. Impact: local access required; integrity and availability impact reported as high; confidentiality not af...

Veritas NetBackup SQL注入漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection for metadata, virtual environments, and other environmental data. A SQL injection...

Veritas NetBackup SQL注入漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection for metadata, virtual environments, and other environmental data. A SQL injection...

PT-2022-26360 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 10.0.0.1 Veritas products affected versions not specified Description: An issue was discovered that makes the NetBackup Primary server vulnerable to a Path traversal attack through the DiscoveryService...

Veritas NetBackup 路径遍历漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection for metadata, virtual environments, and other environmental data. A path traversal...

PT-2022-26356 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 10.0.0.1 Description: An issue was discovered that makes the NetBackup Primary server vulnerable to an XML External Entity XXE injection attack through the nbars process. Recommendations: For versions prior...

Veritas NetBackup 代码问题漏洞

Veritas NetBackup is a storage service from Veritas that is used to provide backup and recovery capabilities for enterprise environments. Veritas NetBackup 8.2 and prior versions contain a denial-of-service vulnerability that could be exploited by an attacker with local access to send a construct...

Veritas NetBackup 代码问题漏洞

Veritas NetBackup is a storage service used by Veritas, Inc. to provide backup and recovery capabilities for enterprise environments. Veritas NetBackup 10.0.0.1 and previous versions are vulnerable to XML external entity injection, which stems from the fact that the DiscoveryService service does...

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection for metadata, virtual environments, and other environmental data. A security vulnerabili...

PT-2022-26358 · Veritas · Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 10.0 Description: A second-order SQL Injection attack can be leveraged against the NBFSMCLIENT service of the NetBackup Primary server. Recommendations: For versions prior to 10.0, update to version 10.0 or...