Vulnerabilities > Veritas

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-42302 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-10-03 CVE-2022-42303 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-10-03 CVE-2022-42304 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-10-03 CVE-2022-42305 Path Traversal vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas CWE-22
7.5
7.5
2022-10-03 CVE-2022-42306 NULL Pointer Dereference vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products.
local
low complexity
veritas CWE-476
5.5
5.5
2022-10-03 CVE-2022-42307 XXE vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas CWE-611
critical
 9.8
9.8
2022-10-03 CVE-2022-42308 Path Traversal vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products.
local
low complexity
veritas CWE-22
7.1
7.1
2022-09-23 CVE-2022-41319 Cross-site Scripting vulnerability in Veritas Desktop and Laptop Option
A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI).
network
low complexity
veritas CWE-79
6.1
6.1
2022-09-23 CVE-2022-41320 Insecure Storage of Sensitive Information vulnerability in Veritas System Recovery
Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration.
network
low complexity
veritas CWE-922
6.5
6.5
2022-07-28 CVE-2022-36984 Unspecified vulnerability in Veritas products
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products).
network
low complexity
veritas
6.5
6.5