CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42301
https://notcve.org/view.php?id=CVE-2022-42301
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0.0.1 y en los productos de Veritas relacionados. El servidor NetBackup Primary es vulnerable a un ataque de tipo XML External Entity (XXE) mediante el proceso nbars • https://www.veritas.com/content/support/en_US/security/VTS22-013#M1 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42302
https://notcve.org/view.php?id=CVE-2022-42302
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0 y productos relacionados de Veritas. El servidor primario de NetBackup es vulnerable a un ataque de inyección SQL afectando al servicio NBFSMCLIENT • https://www.veritas.com/content/support/en_US/security/VTS22-011#C1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42303
https://notcve.org/view.php?id=CVE-2022-42303
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0 y en los productos de Veritas relacionados. El servidor primario de NetBackup es vulnerable a un ataque de inyección SQL de segundo orden afectando al servicio NBFSMCLIENT aprovechando CVE-2022-42302 • https://www.veritas.com/content/support/en_US/security/VTS22-011#H1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42304
https://notcve.org/view.php?id=CVE-2022-42304
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0 y los productos Veritas relacionados. El servidor primario de NetBackup es vulnerable a un ataque de inyección SQL que afecta al código de los gestores idm, nbars y SLP • https://www.veritas.com/content/support/en_US/security/VTS22-011#H2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42305
https://notcve.org/view.php?id=CVE-2022-42305
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0.0.1 y en los productos de Veritas relacionados. El servidor primario de NetBackup es vulnerable a un ataque de Salto de Ruta mediante el servicio DiscoveryService • https://www.veritas.com/content/support/en_US/security/VTS22-012#M1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •