CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28758
https://notcve.org/view.php?id=CVE-2023-28758
An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files. • https://www.veritas.com/content/support/en_US/security/VTS23-003 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28759
https://notcve.org/view.php?id=CVE-2023-28759
An issue was discovered in Veritas NetBackup before 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL prior to loading may allow a lower-level user to elevate privileges and compromise the system. • https://www.veritas.com/content/support/en_US/security/VTS23-006 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46410
https://notcve.org/view.php?id=CVE-2022-46410
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0. Un atacante con privilegios no root puede escalar privilegios a root mediante el uso de comandos específicos. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue5 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46411
https://notcve.org/view.php?id=CVE-2022-46411
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0 y Access Appliance hasta 8.0.100. Una contraseña predeterminada persiste después de la instalación y puede descubrirse y usarse para escalar privilegios. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue3 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46413
https://notcve.org/view.php?id=CVE-2022-46413
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0 y Access Appliance hasta 8.0.100. La ejecución de comandos remotos autenticados puede ocurrir a través del portal de administración. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue2 •