Vulnerabilities > Veritas > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2023-40256 Improper Certificate Validation vulnerability in Veritas Netbackup Snapshot Manager
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service.
network
low complexity
veritas CWE-295
critical
 9.8
9.8
2023-05-10 CVE-2023-32569 SQL Injection vulnerability in Veritas Infoscale Operations Manager
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-12-04 CVE-2022-46414 Unspecified vulnerability in Veritas Access Appliance and Netbackup Flex Scale Appliance
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100.
network
low complexity
veritas
critical
 9.8
9.8
2022-10-03 CVE-2022-42307 XXE vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas CWE-611
critical
 9.8
9.8
2022-10-03 CVE-2022-42304 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-10-03 CVE-2022-42303 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-10-03 CVE-2022-42302 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
 9.8
9.8
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
 9.8
9.8
2021-03-01 CVE-2021-27878 Improper Authentication vulnerability in Veritas Backup Exec
An issue was discovered in Veritas Backup Exec before 21.2.
network
low complexity
veritas CWE-287
critical
 9.0
9.0
2019-11-05 CVE-2019-18780 Command Injection vulnerability in Veritas products
An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator.
network
low complexity
veritas CWE-77
critical
 10.0
10