NotCVE - vendor:"Veritas" product:"Netbackup Flex Scale Appliance" version:" <= 3.0"

6 results (0.004 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-46410

https://notcve.org/view.php?id=CVE-2022-46410

04 Dec 2022 — An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0. Un atacante con privilegios no root puede escalar privilegios a root mediante el uso de comandos específicos. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue5 •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-46411

https://notcve.org/view.php?id=CVE-2022-46411

04 Dec 2022 — An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0 y Access Appliance hasta 8.0.100. Una contraseña predeterminada persiste después de la instalación y puede descubrirse y usarse para escalar privilegios. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue3 • CWE-287: Improper Authentication •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-46412

https://notcve.org/view.php?id=CVE-2022-46412

04 Dec 2022 — An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0. Un usuario sin privilegios puede escapar de un shell restringido y ejecutar comandos privilegiados. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue4 •

CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 0

CVE-2022-46413

https://notcve.org/view.php?id=CVE-2022-46413

04 Dec 2022 — An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0 y Access Appliance hasta 8.0.100. La ejecución de comandos remotos autenticados puede ocurrir a través del portal de administración. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue2 •

CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0

CVE-2022-46414

https://notcve.org/view.php?id=CVE-2022-46414

04 Dec 2022 — An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal. Se descubrió un problema en Veritas NetBackup Flex Scale hasta 3.0 y Access Appliance hasta 8.0.100. La ejecución de comandos remotos no autenticados puede ocurrir a través del portal de administración. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue1 •

CVSS: 9.8EPSS: 94%CPEs: 97EXPL: 82

CVE-2022-22965 – Spring Framework JDK 9+ Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2022-22965

01 Apr 2022 — A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser ... • https://packetstorm.news/files/id/167011 • CWE-94: Improper Control of Generation of Code ('Code Injection') •