Vulnerabilities > Veritas > Netbackup Appliance
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-29 | CVE-2023-37237 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup Appliance In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. | 7.2 |
2022-07-28 | CVE-2022-36996 | Unspecified vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 6.5 |
2022-07-28 | CVE-2022-36997 | Server-Side Request Forgery (SSRF) vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 8.8 |
2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
2019-03-21 | CVE-2019-9868 | Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. | 4.0 |
2019-03-21 | CVE-2019-9867 | Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. | 4.0 |
2018-10-25 | CVE-2018-18652 | Unspecified vulnerability in Veritas Netbackup Appliance A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. | 9.0 |
2017-05-09 | CVE-2017-8859 | Arbitrary Command Execution vulnerability in Veritas NetBackup Appliance In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | 10.0 |
2017-05-09 | CVE-2017-8858 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | 10.0 |
2017-05-09 | CVE-2017-8857 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | 10.0 |