Vulnerabilities > Veritas > Netbackup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-36948 | Cross-site Scripting vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. | 5.4 |
| 2022-07-27 | CVE-2022-36949 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges. | 7.8 |
| 2022-07-27 | CVE-2022-36950 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation. | 9.8 |
| 2022-07-27 | CVE-2022-36951 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. | 9.8 |
| 2022-07-27 | CVE-2022-36952 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. | 9.8 |
| 2022-07-27 | CVE-2022-36953 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. | 4.3 |
| 2022-07-27 | CVE-2022-36954 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. | 6.5 |
| 2022-07-27 | CVE-2022-36955 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. | 8.4 |
| 2022-07-27 | CVE-2022-36956 | Unspecified vulnerability in Veritas Netbackup 9.0/9.1.0.0 In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. | 7.5 |
| 2022-04-19 | CVE-2021-41570 | Cross-site Scripting vulnerability in Veritas Netbackup Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation. | 5.4 |