Vulnerabilities > Veritas > Netbackup > 8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-03 | CVE-2022-42305 | Path Traversal vulnerability in Veritas Netbackup An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. | 7.5 |
| 2022-10-03 | CVE-2022-42306 | NULL Pointer Dereference vulnerability in Veritas Netbackup An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. | 5.5 |
| 2022-10-03 | CVE-2022-42307 | XXE vulnerability in Veritas Netbackup An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. | 9.8 |
| 2022-10-03 | CVE-2022-42308 | Path Traversal vulnerability in Veritas Netbackup An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. | 7.1 |
| 2022-07-27 | CVE-2022-36948 | Cross-site Scripting vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. | 5.4 |
| 2022-07-27 | CVE-2022-36949 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges. | 7.8 |
| 2022-07-27 | CVE-2022-36950 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation. | 9.8 |
| 2022-07-27 | CVE-2022-36951 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. | 9.8 |
| 2022-07-27 | CVE-2022-36952 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. | 9.8 |
| 2022-07-27 | CVE-2022-36953 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. | 4.3 |