Veritas InfoScale VIOM SQL注入漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualized environments developed by Veritas Corporation in the United States. Versions of Veritas InfoScale VIOM prior to 9.1.3 contained a SQL injection vulnerability. This vulnerability stems from SQ...

Veritas InfoScale CmdServer 访问控制错误漏洞

Veritas InfoScale CmdServer is a command execution and remote management service component provided by Veritas Corporation in the US, designed for InfoScale cluster environments. Versions of Veritas InfoScale CmdServer prior to 7.4.2 contained an access control vulnerability, which was caused by...

Veritas InfoScale VIOM 跨站脚本漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualization environments developed by Veritas Corporation in the United States. Version 9.1.3 of Veritas InfoScale VIOM contains a cross-site scripting vulnerability, which stems from cross-site...

Veritas Technologies Infoscale Operations Manager 跨站请求伪造漏洞

Veritas Technologies Infoscale Operations Manager is a software developed by Veritas Technologies in the United States, used for managing the entire InfoScale deployment. This software offers features such as multi-cluster management, custom interfaces, and centralized audit logging. Version 9.1....

CVE-2020-37045

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...

CVE-2020-37045 NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...

Veritas NetBackup 代码问题漏洞

Veritas NetBackup is a powerful enterprise-level data backup management software developed by Veritas Corporation in the United States. Version 7.0 of Veritas NetBackup contains a code vulnerability. This vulnerability stems from the lack of quotation marks around the NetBackup INET Daemon servic...

MiracleLinux 3 : sos-1.7-9.62.0.1.AXS3 (AXSA:2012-526:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-526:01 advisory. Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging...

CVE-2022-42306

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbxexchange during registration and cause a NULL pointer exception, effectively crashing the pbxexchange process...

CVE-2022-42307

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity XXE Injection attack through the DiscoveryService service...

CVE-2022-26483

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

CVE-2020-12875

Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application...

CVE-2020-12876

Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments...

CVE-2020-12874

Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server...

CVE-2021-27876

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

CVE-2021-27878

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

CVE-2022-42302

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service...

CVE-2022-42303

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302...

CVE-2020-12877

Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication...