Shodan
Vulnerabilities
Vulnerable Software
Veritas:  Security Vulnerabilities
CVE-2022-46414
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-12-04
CVE-2022-46410
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-12-04
CVE-2022-45461
The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-11-17
CVE-2022-42306
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-10-03
CVE-2022-42307
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-10-03
CVE-2022-42308
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.
CVSS Score
9.0
EPSS Score
0.001
Published
2022-10-03
CVE-2022-42303
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.
CVSS Score
8.0
EPSS Score
0.004
Published
2022-10-03
CVE-2022-42304
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.
CVSS Score
8.0
EPSS Score
0.004
Published
2022-10-03
CVE-2022-42305
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-10-03
CVE-2022-42299
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved