Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netbackup
(Veritas)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 63 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-10-03 | CVE-2022-42300 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.) | Netbackup | 6.5 | ||
2022-10-03 | CVE-2022-42301 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process. | Netbackup | 8.8 | ||
2022-10-03 | CVE-2022-42302 | An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service. | Netbackup | 9.8 | ||
2022-10-03 | CVE-2022-42303 | An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302. | Netbackup | 9.8 | ||
2022-10-03 | CVE-2022-42304 | An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code. | Netbackup | 9.8 | ||
2022-10-03 | CVE-2022-42305 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service. | Netbackup | 7.5 | ||
2022-10-03 | CVE-2022-42306 | An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process. | Netbackup | 5.5 | ||
2022-10-03 | CVE-2022-42307 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service. | Netbackup | 9.8 | ||
2022-10-03 | CVE-2022-42308 | An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code. | Netbackup | 7.1 | ||
2022-11-17 | CVE-2022-45461 | The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root. | Netbackup | 8.8 |