Vulnerabilities > Veritas > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-17 CVE-2023-38404 Unrestricted Upload of File with Dangerous Type vulnerability in Veritas Infoscale Operations Manager
The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server.
network
low complexity
veritas CWE-434
8.8
8.8
2023-06-29 CVE-2023-37237 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup Appliance
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.
network
low complexity
veritas CWE-732
7.2
7.2
2023-05-10 CVE-2023-32568 OS Command Injection vulnerability in Veritas Infoscale Operations Manager
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410.
network
low complexity
veritas CWE-78
7.2
7.2
2022-12-04 CVE-2022-46410 Unspecified vulnerability in Veritas Netbackup Flex Scale Appliance 2.1/3.0
An issue was discovered in Veritas NetBackup Flex Scale through 3.0.
network
low complexity
veritas
8.8
8.8
2022-12-04 CVE-2022-46411 Improper Authentication vulnerability in Veritas Access Appliance and Netbackup Flex Scale Appliance
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100.
network
low complexity
veritas CWE-287
8.8
8.8
2022-12-04 CVE-2022-46412 Unspecified vulnerability in Veritas Netbackup Flex Scale Appliance 2.1/3.0
An issue was discovered in Veritas NetBackup Flex Scale through 3.0.
network
low complexity
veritas
8.8
8.8
2022-12-04 CVE-2022-46413 Unspecified vulnerability in Veritas Access Appliance and Netbackup Flex Scale Appliance
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100.
network
low complexity
veritas
8.8
8.8
2022-11-17 CVE-2022-45461 OS Command Injection vulnerability in Veritas Netbackup
The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root.
network
low complexity
veritas CWE-78
8.8
8.8
2022-10-03 CVE-2022-42299 Unspecified vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas
7.5
7.5
2022-10-03 CVE-2022-42301 XXE vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas CWE-611
8.8
8.8