Lucene search
+L
VeritasFlex Appliance

19 matches found

CVE
CVE
added 2022/04/01 10:17 p.m.2500 views

CVE-2022-22965

CVE-2022-22965 (Spring4Shell) affects Spring Framework’s Spring MVC and Spring WebFlux when data binding is enabled in apps running on JDK 9+, with exploitation requiring Tomcat as WAR deployment. The issue is not exploited in Spring Boot executable jars. Vulnerable configurations are associated ...

9.8CVSS8.7AI score0.99677EPSS
In wildWeb
CVE
CVE
added 2022/07/28 12:55 a.m.114 views

CVE-2022-36987

CVE-2022-36987 – Veritas NetBackup : The issue affects NetBackup in versions 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, and 9.x through 9.0.0.1, plus 9.1.x through 9.1.0.1. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary serve...

8.5CVSS6.3AI score0.00553EPSS
CVE
CVE
added 2022/07/28 12:56 a.m.108 views

CVE-2022-36986

CVE-2022-36986 affects Veritas NetBackup: vulnerable versions include 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an unauthenticated attacker to remotely execute arbitrary commands on a NetBackup Primary server, via a remote execution path described in multip...

9.8CVSS9.7AI score0.00838EPSS
CVE
CVE
added 2022/07/28 12:54 a.m.96 views

CVE-2022-36990

CVE-2022-36990 affects Veritas NetBackup, including versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Affected components: NetBackup Client and Primary server configuration. Vulnerability allows an attacker with authenticated access to a NetBackup Client to remotely write ...

9.6CVSS6.3AI score0.0058EPSS
CVE
CVE
added 2022/07/28 12:55 a.m.85 views

CVE-2022-36988

Veritas NetBackup CVE-2022-36988 affects NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server to remotely execute arbitrary commands on...

8.8CVSS8.7AI score0.00762EPSS
CVE
CVE
added 2022/07/28 12:53 a.m.84 views

CVE-2022-36991

Veritas NetBackup vulnerable versions: 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An authenticated NetBackup Client can arbitrarily write content to a partially controlled path on the NetBackup Primary server, due to a design/logic flaw in NetBackup components. The root caus...

8.1CVSS6.3AI score0.0058EPSS
CVE
CVE
added 2022/07/28 12:51 a.m.83 views

CVE-2022-36995

CVE-2022-36995 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup Client to arbitrarily create directories on a NetBackup Primary server, revealing a path-based permission/control concern...

4.3CVSS4.5AI score0.00445EPSS
CVE
CVE
added 2022/07/28 12:49 a.m.80 views

CVE-2022-36998

The CVE-2022-36998 issue affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The vulnerability is a stack-based buffer overflow on the NetBackup Primary server that can be triggered by an authenticated NetBackup Client, leading to DoS. The connected...

6.5CVSS6.5AI score0.00579EPSS
CVE
CVE
added 2022/07/28 12:52 a.m.78 views

CVE-2022-36993

CVE-2022-36993 affects Veritas NetBackup: multiple versions (8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, 9.1.x–9.1.0.1) are vulnerable. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. The issue is confirmed acr...

8.8CVSS8.7AI score0.009EPSS
CVE
CVE
added 2022/07/28 12:51 a.m.78 views

CVE-2022-36996

CVE-2022-36996 affects Veritas NetBackup: vulnerable in versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Affected component is the NetBackup client’s ability to enumerate hosts known to a NetBackup Primary server when an attacker has client access. This results in informa...

6.5CVSS6.2AI score0.0052EPSS
CVE
CVE
added 2022/07/28 12:52 a.m.77 views

CVE-2022-36994

The CVE-2022-36994 issue affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Description: An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server. Root cause: improper access control a...

6.5CVSS6.2AI score0.00538EPSS
CVE
CVE
added 2022/07/28 12:54 a.m.76 views

CVE-2022-36989

CVE-2022-36989 affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An attacker with authenticated NetBackup Client access could remotely execute arbitrary commands on a NetBackup Primary server. The connected PT-2022-23733 entry provides remediation...

8.8CVSS8.7AI score0.009EPSS
CVE
CVE
added 2022/07/28 12:50 a.m.75 views

CVE-2022-36997

CVE-2022-36997 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an authenticated NetBackup Client with remote access to trigger arbitrary file reads, SSRF, and DoS. Root cause details are not provided in the connected documents. Public ex...

8.8CVSS8.4AI score0.00603EPSS
CVE
CVE
added 2022/07/28 12:47 a.m.75 views

CVE-2022-37000

Veritas NetBackup vulnerability CVE-2022-37000 affects NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. Several connect...

6.5CVSS6.2AI score0.00597EPSS
CVE
CVE
added 2022/07/28 12:53 a.m.73 views

CVE-2022-36992

CVE-2022-36992 affects Veritas NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server under specific notify conditions. Multiple sources (NVD, Re...

9.9CVSS8.7AI score0.009EPSS
CVE
CVE
added 2022/07/28 12:48 a.m.72 views

CVE-2022-36999

Summary: CVE-2022-36999 affects Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. The issue allows an attacker with authenticated access to a NetBackup Client to remotely read files on a NetBackup Primary server under certain conditions. Root cause/detail...

6.5CVSS6.2AI score0.00597EPSS
CVE
CVE
added 2022/07/28 12:57 a.m.71 views

CVE-2022-36984

Veritas NetBackup versions 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1 are affected by CVE-2022-36984. The issue allows an attacker with authenticated access to a NetBackup Client to remotely trigger a denial-of-service against a NetBackup Primary server. The root cause is not...

7.7CVSS6.2AI score0.00647EPSS
CVE
CVE
added 2019/11/05 7:5 p.m.69 views

CVE-2019-18780

CVE-2019-18780 is an arbitrary command-injection vulnerability in the Veritas InfoScale Cluster Server component. An unauthenticated remote attacker could execute arbitrary commands as root/administrator. Affected products include Veritas Access (7.4.2 and earlier), Access Appliance (7.4.2 and ea...

10CVSS9.9AI score0.06138EPSS
CVE
CVE
added 2022/07/28 12:56 a.m.62 views

CVE-2022-36985

CVE-2022-36985 affects Veritas NetBackup on Windows: vulnerable in NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An unprivileged local attacker on a NetBackup Primary server could escalate privileges. Connected documents confirm affected versions and local-privilege-e...

7.8CVSS7.5AI score0.00196EPSS