Netbackup Security Vulnerabilities and Issues — Netbackup CVE List

Lucene search

VeritasNetbackup

10 matches found

CVE•added 2022/10/03 3:15 p.m.•52 views

CVE-2022-42303

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.

9.8CVSS9.7AI score0.00353EPSS

CVE•added 2022/10/03 3:15 p.m.•51 views

CVE-2022-42301

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.

8.8CVSS8.7AI score0.00056EPSS

CVE•added 2022/10/03 3:15 p.m.•51 views

CVE-2022-42306

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.

6.5CVSS5.2AI score0.00032EPSS

CVE•added 2022/10/03 3:15 p.m.•51 views

CVE-2022-42308

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.

9CVSS6.8AI score0.0006EPSS

CVE•added 2022/10/03 3:15 p.m.•49 views

CVE-2022-42307

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.

9.8CVSS9.5AI score0.0012EPSS

CVE•added 2022/10/03 3:15 p.m.•48 views

CVE-2022-42302

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service.

9.8CVSS9.7AI score0.00341EPSS

CVE•added 2022/10/03 3:15 p.m.•48 views

CVE-2022-42304

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.

9.8CVSS9.7AI score0.00353EPSS

CVE•added 2022/10/03 3:15 p.m.•48 views

CVE-2022-42305

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.

7.5CVSS7.4AI score0.00211EPSS

CVE•added 2022/10/03 3:15 p.m.•47 views

CVE-2022-42299

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service.

7.5CVSS7.3AI score0.00092EPSS

CVE•added 2022/10/03 3:15 p.m.•43 views

CVE-2022-42300

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.)

6.5CVSS6.4AI score0.00126EPSS