Vulnerabilities > Veritas > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-28 | CVE-2022-37000 | Unspecified vulnerability in Veritas products An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). | 6.5 |
| 2022-07-27 | CVE-2022-36948 | Cross-site Scripting vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. | 5.4 |
| 2022-07-27 | CVE-2022-36953 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. | 4.3 |
| 2022-07-27 | CVE-2022-36954 | Unspecified vulnerability in Veritas Netbackup In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. | 6.5 |
| 2022-04-19 | CVE-2021-41570 | Cross-site Scripting vulnerability in Veritas Netbackup Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation. | 5.4 |
| 2022-03-10 | CVE-2022-26778 | Cleartext Storage of Sensitive Information vulnerability in Veritas System Recovery 18.0/21 Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. | 6.5 |
| 2022-03-04 | CVE-2022-26483 | Cross-site Scripting vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 4.8 |
| 2022-03-04 | CVE-2022-26484 | Path Traversal vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. | 4.9 |
| 2021-01-05 | CVE-2020-36159 | Unspecified vulnerability in Veritas Desktop and Laptop Option Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication. | 5.3 |
| 2020-05-14 | CVE-2020-12875 | Incorrect Authorization vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. | 6.3 |