Vulnerabilities > Veritas
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-03 | CVE-2022-42308 | Path Traversal vulnerability in Veritas Netbackup An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. | 7.1 |
2022-09-23 | CVE-2022-41319 | Cross-site Scripting vulnerability in Veritas Desktop and Laptop Option A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI). | 6.1 |
2022-07-28 | CVE-2022-36996 | Unspecified vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 6.5 |
2022-07-28 | CVE-2022-36997 | Server-Side Request Forgery (SSRF) vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 8.8 |
2022-04-19 | CVE-2021-41570 | Cross-site Scripting vulnerability in Veritas Netbackup 8.3.0.1/9.1 Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation. | 3.5 |
2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
2022-03-10 | CVE-2022-26778 | Cleartext Storage of Sensitive Information vulnerability in Veritas System Recovery 18.0/21 Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. | 4.0 |
2022-03-04 | CVE-2022-26483 | Cross-site Scripting vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 3.5 |
2022-03-04 | CVE-2022-26484 | Path Traversal vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 6.8 |
2021-12-06 | CVE-2021-44677 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. | 6.8 |