Vulnerabilities > Veritas > Netbackup Appliance > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2022-36986 Unspecified vulnerability in Veritas products
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products).
network
low complexity
veritas
critical
 9.8
9.8
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
 9.8
9.8
2017-05-09 CVE-2017-8856 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-8857 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-8858 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-8859 Unspecified vulnerability in Veritas Netbackup Appliance
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.
network
low complexity
veritas
critical
 9.8
9.8
2017-03-02 CVE-2017-6403 Use of Hard-coded Credentials vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0.
network
low complexity
veritas CWE-798
critical
 9.8
9.8
2017-03-02 CVE-2017-6409 Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier.
network
low complexity
veritas CWE-306
critical
 9.8
9.8
2016-05-07 CVE-2015-6550 Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance
bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary commands via crafted input.
network
low complexity
veritas CWE-284
critical
 9.8
9.8
2016-05-07 CVE-2015-6552 Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance
The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to make arbitrary RPC calls via unspecified vectors.
network
low complexity
veritas CWE-284
critical
 9.8
9.8