CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-37237
https://notcve.org/view.php?id=CVE-2023-37237
29 Jun 2023 — In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. • https://www.veritas.com/content/support/en_US/security/VTS23-004 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26788
https://notcve.org/view.php?id=CVE-2023-26788
10 Apr 2023 — Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. • https://github.com/IthacaLabs/Veritas-Technologies • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.7EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36984
https://notcve.org/view.php?id=CVE-2022-36984
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacan... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h8 •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36985
https://notcve.org/view.php?id=CVE-2022-36985
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso local ... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h7 •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36986
https://notcve.org/view.php?id=CVE-2022-36986
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso no autenticado podr... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h3 •
CVSS: 8.5EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36987
https://notcve.org/view.php?id=CVE-2022-36987
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h4 •
CVSS: 9.0EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36988
https://notcve.org/view.php?id=CVE-2022-36988
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h6 •
CVSS: 9.0EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36989
https://notcve.org/view.php?id=CVE-2022-36989
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h2 •
CVSS: 9.6EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36990
https://notcve.org/view.php?id=CVE-2022-36990
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos Ne... • https://www.veritas.com/content/support/en_US/security/VTS22-004#c2 •
CVSS: 8.1EPSS: 0%CPEs: 35EXPL: 0CVE-2022-36991
https://notcve.org/view.php?id=CVE-2022-36991
28 Jul 2022 — An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server. Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). U... • https://www.veritas.com/content/support/en_US/security/VTS22-004#h5 •