Netbackup Security Vulnerabilities and Issues — Netbackup CVE List

Lucene search

VeritasNetbackup

12 matches found

CVE•added 2023/03/23 4:17 a.m.•85 views

CVE-2023-28759

An issue was discovered in Veritas NetBackup before 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL prior to loading may allow a lower-level user to elevate privileges and compromise the system.

7.8CVSS7.4AI score0.00026EPSS

CVE•added 2024/04/26 2:15 a.m.•76 views

CVE-2024-33672

An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.

7.7CVSS6.8AI score0.00042EPSS

CVE•added 2022/07/28 1:15 a.m.•61 views

CVE-2022-36984

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetB...

7.7CVSS6.2AI score0.00259EPSS

CVE•added 2017/03/02 6:59 a.m.•52 views

CVE-2017-6401

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat.

7.8CVSS8.4AI score0.00047EPSS

CVE•added 2022/07/28 1:15 a.m.•50 views

CVE-2022-36985

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges...

7.8CVSS7.5AI score0.00086EPSS

CVE•added 2017/03/02 6:59 a.m.•49 views

CVE-2017-6405

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing.

7.5CVSS7.9AI score0.00195EPSS

CVE•added 2022/10/03 3:15 p.m.•48 views

CVE-2022-42305

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.

7.5CVSS7.4AI score0.00211EPSS

CVE•added 2024/11/18 6:15 a.m.•48 views

CVE-2024-52945

An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL coul...

7.8CVSS7.6AI score0.00191EPSS

CVE•added 2006/03/28 12:6 a.m.•47 views

CVE-2006-0991

Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to execute arbitrary code via crafted "Request Service" packets to the vnetd service (TCP port 13724).

7.1CVSS7.8AI score0.29071EPSS

CVE•added 2022/10/03 3:15 p.m.•47 views

CVE-2022-42299

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service.

7.5CVSS7.3AI score0.00092EPSS

CVE•added 2017/03/02 6:59 a.m.•45 views

CVE-2017-6408

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured.

7CVSS7.2AI score0.00032EPSS

CVE•added 2023/03/23 4:17 a.m.•44 views

CVE-2023-28758

An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files.

7.1CVSS6.8AI score0.00042EPSS