Vulnerabilities > Veritas > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-29 | CVE-2019-14417 | Unspecified vulnerability in Veritas Resiliency Platform An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. | 9.0 |
2018-10-25 | CVE-2018-18652 | Unspecified vulnerability in Veritas Netbackup Appliance A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. | 9.0 |
2017-05-10 | CVE-2017-8895 | Use After Free vulnerability in Veritas Backup Exec 14.1.1786.1126/14.2.1180.3160/15.1180 In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. | 10.0 |
2017-05-09 | CVE-2017-8857 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | 10.0 |
2017-05-09 | CVE-2017-8858 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | 10.0 |
2017-05-09 | CVE-2017-8859 | Arbitrary Command Execution vulnerability in Veritas NetBackup Appliance In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | 10.0 |
2017-04-05 | CVE-2017-7444 | DLL Loading Local Code Execution vulnerability in Veritas System Recovery 16 In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. | 9.3 |
2017-01-04 | CVE-2016-7399 | Command Injection vulnerability in Veritas Netbackup Appliance Firmware scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense. | 10.0 |
2016-05-07 | CVE-2015-6550 | Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary commands via crafted input. | 10.0 |
2016-05-07 | CVE-2015-6552 | Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to make arbitrary RPC calls via unspecified vectors. | 10.0 |