CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42305
https://notcve.org/view.php?id=CVE-2022-42305
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0.0.1 y en los productos de Veritas relacionados. El servidor primario de NetBackup es vulnerable a un ataque de Salto de Ruta mediante el servicio DiscoveryService • https://www.veritas.com/content/support/en_US/security/VTS22-012#M1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42307
https://notcve.org/view.php?id=CVE-2022-42307
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service. Se ha detectado un problema en Veritas NetBackup versiones hasta 10.0.0.1 y en los productos de Veritas relacionados. El servidor NetBackup Primary es vulnerable a un ataque de tipo XML External Entity (XXE) por medio del servicio DiscoveryService • https://www.veritas.com/content/support/en_US/security/VTS22-012#M2 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.7EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36984
https://notcve.org/view.php?id=CVE-2022-36984
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría desencadenar de forma remota un ataque de denegación de servicio contra un servidor primario de NetBackup • https://www.veritas.com/content/support/en_US/security/VTS22-004#h8 •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36985
https://notcve.org/view.php?id=CVE-2022-36985
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso local no privilegiado a un servidor primario de Windows NetBackup podría escalar potencialmente sus privilegios • https://www.veritas.com/content/support/en_US/security/VTS22-004#h7 •
CVSS: 9.8EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36986
https://notcve.org/view.php?id=CVE-2022-36986
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso no autenticado podría ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup • https://www.veritas.com/content/support/en_US/security/VTS22-004#h3 •