Vulnerabilities > Veritas > Netbackup Appliance > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-07 | CVE-2024-28222 | Path Traversal vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file. | 9.8 |
2022-07-28 | CVE-2022-36986 | Unspecified vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 9.8 |
2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
2017-05-09 | CVE-2017-8856 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | 9.8 |
2017-05-09 | CVE-2017-8857 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | 9.8 |
2017-05-09 | CVE-2017-8858 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | 9.8 |
2017-05-09 | CVE-2017-8859 | Unspecified vulnerability in Veritas Netbackup Appliance In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | 9.8 |
2017-03-02 | CVE-2017-6403 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. | 9.8 |
2017-03-02 | CVE-2017-6409 | Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. | 9.8 |
2016-05-07 | CVE-2015-6550 | Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary commands via crafted input. | 9.8 |