Vulnerabilities > Veritas

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-42308 Path Traversal vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products.
local
low complexity
veritas CWE-22
7.1
2022-09-23 CVE-2022-41319 Cross-site Scripting vulnerability in Veritas Desktop and Laptop Option
A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI).
network
low complexity
veritas CWE-79
6.1
2022-07-28 CVE-2022-36996 Unspecified vulnerability in Veritas products
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products).
network
low complexity
veritas
6.5
2022-07-28 CVE-2022-36997 Server-Side Request Forgery (SSRF) vulnerability in Veritas products
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products).
network
low complexity
veritas CWE-918
8.8
2022-04-19 CVE-2021-41570 Cross-site Scripting vulnerability in Veritas Netbackup 8.3.0.1/9.1
Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation.
network
veritas CWE-79
3.5
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
9.8
2022-03-10 CVE-2022-26778 Cleartext Storage of Sensitive Information vulnerability in Veritas System Recovery 18.0/21
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration.
network
low complexity
veritas CWE-312
4.0
2022-03-04 CVE-2022-26483 Cross-site Scripting vulnerability in Veritas Infoscale Operations Manager
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100.
network
veritas CWE-79
3.5
2022-03-04 CVE-2022-26484 Path Traversal vulnerability in Veritas Infoscale Operations Manager
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100.
network
low complexity
veritas CWE-22
6.8
2021-12-06 CVE-2021-44677 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
veritas CWE-502
6.8