19 matches found
CVE-2022-22965
CVE-2022-22965 (Spring4Shell) affects Spring Framework’s Spring MVC and Spring WebFlux when data binding is enabled in apps running on JDK 9+, with exploitation requiring Tomcat as WAR deployment. The issue is not exploited in Spring Boot executable jars. Vulnerable configurations are associated ...
CVE-2022-36987
CVE-2022-36987 – Veritas NetBackup : The issue affects NetBackup in versions 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, and 9.x through 9.0.0.1, plus 9.1.x through 9.1.0.1. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary serve...
CVE-2022-36986
CVE-2022-36986 affects Veritas NetBackup: vulnerable versions include 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an unauthenticated attacker to remotely execute arbitrary commands on a NetBackup Primary server, via a remote execution path described in multip...
CVE-2022-36990
CVE-2022-36990 affects Veritas NetBackup, including versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Affected components: NetBackup Client and Primary server configuration. Vulnerability allows an attacker with authenticated access to a NetBackup Client to remotely write ...
CVE-2022-36988
Veritas NetBackup CVE-2022-36988 affects NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server to remotely execute arbitrary commands on...
CVE-2022-36991
Veritas NetBackup vulnerable versions: 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An authenticated NetBackup Client can arbitrarily write content to a partially controlled path on the NetBackup Primary server, due to a design/logic flaw in NetBackup components. The root caus...
CVE-2022-36995
CVE-2022-36995 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup Client to arbitrarily create directories on a NetBackup Primary server, revealing a path-based permission/control concern...
CVE-2022-36998
The CVE-2022-36998 issue affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The vulnerability is a stack-based buffer overflow on the NetBackup Primary server that can be triggered by an authenticated NetBackup Client, leading to DoS. The connected...
CVE-2022-36993
CVE-2022-36993 affects Veritas NetBackup: multiple versions (8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, 9.1.x–9.1.0.1) are vulnerable. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. The issue is confirmed acr...
CVE-2022-36996
CVE-2022-36996 affects Veritas NetBackup: vulnerable in versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Affected component is the NetBackup client’s ability to enumerate hosts known to a NetBackup Primary server when an attacker has client access. This results in informa...
CVE-2022-36994
The CVE-2022-36994 issue affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Description: An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server. Root cause: improper access control a...
CVE-2022-36989
CVE-2022-36989 affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An attacker with authenticated NetBackup Client access could remotely execute arbitrary commands on a NetBackup Primary server. The connected PT-2022-23733 entry provides remediation...
CVE-2022-36997
CVE-2022-36997 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an authenticated NetBackup Client with remote access to trigger arbitrary file reads, SSRF, and DoS. Root cause details are not provided in the connected documents. Public ex...
CVE-2022-37000
Veritas NetBackup vulnerability CVE-2022-37000 affects NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. Several connect...
CVE-2022-36992
CVE-2022-36992 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server under specific notify conditions. Multiple sources (NVD, Re...
CVE-2022-36999
Summary: CVE-2022-36999 affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup Client to remotely read files on a NetBackup Primary server under certain conditions. Root cause/detail...
CVE-2022-36984
Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1 are affected by CVE-2022-36984. The issue allows an attacker with authenticated access to a NetBackup Client to remotely trigger a denial-of-service against a NetBackup Primary server. The root cause is not...
CVE-2019-18780
CVE-2019-18780 is an arbitrary command-injection vulnerability in the Veritas InfoScale Cluster Server component. An unauthenticated remote attacker could execute arbitrary commands as root/administrator. Affected products include Veritas Access (7.4.2 and earlier), Access Appliance (7.4.2 and ea...
CVE-2022-36985
CVE-2022-36985 affects Veritas NetBackup on Windows: vulnerable in NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An unprivileged local attacker on a NetBackup Primary server could escalate privileges. Connected documents confirm affected versions and local-privilege-e...