Vulnerabilities > Veritas
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-36955 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. | 8.4 |
| 2022-07-27 | CVE-2022-36956 | Unspecified vulnerability in Veritas Netbackup 9.0/9.1.0.0 In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. | 7.5 |
| 2022-04-19 | CVE-2021-41570 | Cross-site Scripting vulnerability in Veritas Netbackup Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation. | 5.4 |
| 2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
| 2022-03-10 | CVE-2022-26778 | Cleartext Storage of Sensitive Information vulnerability in Veritas System Recovery 18.0/21 Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. | 6.5 |
| 2022-03-04 | CVE-2022-26483 | Cross-site Scripting vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 4.8 |
| 2022-03-04 | CVE-2022-26484 | Path Traversal vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 4.9 |
| 2021-12-06 | CVE-2021-44677 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. | 9.8 |
| 2021-12-06 | CVE-2021-44678 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. | 9.8 |
| 2021-12-06 | CVE-2021-44679 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. | 9.8 |