Vulnerabilities > Veritas > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-14 | CVE-2020-12874 | Improper Authentication vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | 9.8 |
| 2019-11-05 | CVE-2019-18780 | Command Injection vulnerability in Veritas products An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. | 9.8 |
| 2017-05-10 | CVE-2017-8895 | Use After Free vulnerability in Veritas Backup Exec In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. | 9.8 |
| 2017-05-09 | CVE-2017-8859 | Unspecified vulnerability in Veritas Netbackup Appliance In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | 9.8 |
| 2017-05-09 | CVE-2017-8858 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | 9.8 |
| 2017-05-09 | CVE-2017-8857 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | 9.8 |
| 2017-05-09 | CVE-2017-8856 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | 9.8 |
| 2017-03-02 | CVE-2017-6409 | Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. | 9.8 |
| 2017-03-02 | CVE-2017-6403 | Use of Hard-coded Credentials vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. | 9.8 |
| 2017-01-04 | CVE-2016-7399 | Command Injection vulnerability in Veritas Netbackup Appliance Firmware scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense. | 9.8 |