Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m3	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m3	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría desencadenar de forma remota un desbordamiento del búfer basado en la pila en el servidor primario de NetBackup, resultando en una denegación de servicio",
      },
   ],
   id: "CVE-2022-36998",
   lastModified: "2024-11-21T07:14:15.127",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.257",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#c1	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#c1	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup (en condiciones específicas de notificación)",
      },
   ],
   id: "CVE-2022-36992",
   lastModified: "2024-11-21T07:14:14.130",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.9,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.1,
            impactScore: 6,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.957",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m6	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m6	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup	10.0
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "A22BA0AF-70FB-4948-B047-E62EA64EFFC5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso a un cliente de NetBackup podría recopilar de forma remota información sobre cualquier host conocido por un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36996",
   lastModified: "2024-11-21T07:14:14.793",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.157",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m1	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m1	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Bajo determinadas condiciones, un atacante con acceso autenticado a un cliente de NetBackup podría leer remotamente archivos en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-37000",
   lastModified: "2024-11-21T07:14:15.457",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.370",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h5	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h5	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un Cliente NetBackup podría escribir arbitrariamente contenido en una ruta parcialmente controlada en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36991",
   lastModified: "2024-11-21T07:14:13.963",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.907",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m4	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m4	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría leer arbitrariamente archivos de un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36994",
   lastModified: "2024-11-21T07:14:14.463",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.053",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m2	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m2	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Bajo determinadas condiciones, un atacante con acceso autenticado a un cliente de NetBackup podría leer remotamente archivos en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36999",
   lastModified: "2024-11-21T07:14:15.287",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.307",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h8	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h8	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría desencadenar de forma remota un ataque de denegación de servicio contra un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36984",
   lastModified: "2024-11-21T07:14:12.733",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.7,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.1,
            impactScore: 4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.543",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h4	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h4	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría escribir arbitrariamente archivos en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36987",
   lastModified: "2024-11-21T07:14:13.280",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 6,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.707",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h1	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h1	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36993",
   lastModified: "2024-11-21T07:14:14.297",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.007",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h6	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h6	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un servidor NetBackup OpsCenter, un servidor NetBackup Primary o un servidor NetBackup Media podría ejecutar remotamente comandos arbitrarios en un servidor NetBackup Primary o un servidor NetBackup Media",
      },
   ],
   id: "CVE-2022-36988",
   lastModified: "2024-11-21T07:14:13.443",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.3,
            impactScore: 6,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.760",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h9	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h9	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría desencadenar de forma remota impactos que incluyen una lectura arbitraria de archivos, un ataque de tipo Server-Side Request Forgery (SSRF) y una denegación de servicio",
      },
   ],
   id: "CVE-2022-36997",
   lastModified: "2024-11-21T07:14:14.960",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4.2,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.207",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-918",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h2	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h2	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36989",
   lastModified: "2024-11-21T07:14:13.613",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.810",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h7	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h7	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso local no privilegiado a un servidor primario de Windows NetBackup podría escalar potencialmente sus privilegios",
      },
   ],
   id: "CVE-2022-36985",
   lastModified: "2024-11-21T07:14:12.917",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.607",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#c2	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#c2	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un Cliente NetBackup podría escribir remotamente archivos arbitrarios en ubicaciones arbitrarias desde cualquier Cliente a cualquier otro Cliente por medio de un servidor primario",
      },
   ],
   id: "CVE-2022-36990",
   lastModified: "2024-11-21T07:14:13.793",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.6,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.1,
            impactScore: 5.8,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.857",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#h3	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#h3	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso no autenticado podría ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36986",
   lastModified: "2024-11-21T07:14:13.090",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:17.657",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2022-07-28 01:15

Modified

2024-11-21 07:14

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.

References

▼	URL	Tags
	cve@mitre.org	https://www.veritas.com/content/support/en_US/security/VTS22-004#m5	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.veritas.com/content/support/en_US/security/VTS22-004#m5	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
veritas	flex_appliance	1.2
veritas	flex_appliance	1.3
veritas	flex_appliance	2.0
veritas	flex_appliance	2.0.1
veritas	flex_appliance	2.0.2
veritas	flex_appliance	2.1
veritas	flex_scale	1.3.1
veritas	flex_scale	2.1
veritas	netbackup	8.1.1
veritas	netbackup	8.1.2
veritas	netbackup	8.2
veritas	netbackup	8.3
veritas	netbackup	8.3.0.1
veritas	netbackup	8.3.0.2
veritas	netbackup	9.0
veritas	netbackup	9.0.0.1
veritas	netbackup	9.1
veritas	netbackup	9.1.0.1
veritas	netbackup_appliance	3.1.1
veritas	netbackup_appliance	3.1.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	4.0
veritas	netbackup_appliance	4.1
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.2
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.1
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	3.3.0.2
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.0.0.1
veritas	netbackup_appliance	4.1.0.1
veritas	netbackup_appliance	4.1.0.1

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "025BC427-C1D3-4888-8585-EE5EF288AE86",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CE9674B-4528-4168-B09A-DBAA48622307",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9810D40F-FF25-495F-80A4-7A8D8679FA33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDD5695-9235-4592-9B8A-A90BE7762F90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EF9FB3-5862-4C85-A082-5903E9619A01",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "48682500-A4CC-417A-AE87-254A38E9A837",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28926F3-D951-40EC-A383-27038FF62D9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3678D77D-D641-47C6-92BA-FE124D645F47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8797A64D-D4EA-45F4-911E-3F5794979FBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "070A8292-8AA8-45B0-BD12-174071C142ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA05618C-73DD-4A02-AF1B-90C5D968C881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDC739-0410-45C6-9628-EC833AC7400E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "0D532AFE-824C-4002-AD4E-431F83911D27",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "0DD01222-0F16-48D3-842A-C07377C0872F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "3ED514C2-AEDD-4071-A145-5D281C789703",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "BF2D4F61-2307-4A29-B620-E811E7642E66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "CF307131-DB9A-41CA-9990-EAAF56B671DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "42554066-06A0-44EF-8911-5982A4033E00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
                     matchCriteriaId: "F2762443-9B5B-4675-84B3-21A60385F86E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
                     matchCriteriaId: "6256AE6A-34BF-417A-BAB9-8889457BA31B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
                     matchCriteriaId: "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.",
      },
      {
         lang: "es",
         value: "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podría crear arbitrariamente directorios en un servidor primario de NetBackup",
      },
   ],
   id: "CVE-2022-36995",
   lastModified: "2024-11-21T07:14:14.633",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "cve@mitre.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-07-28T01:15:18.107",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2022-36993

Vulnerability from cvelistv5

Published

2022-07-28 00:52

Modified

2024-08-03 10:21

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.590Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:52:38",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36993",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36993",
      datePublished: "2022-07-28T00:52:38",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.590Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36989

Vulnerability from cvelistv5

Published

2022-07-28 00:54

Modified

2024-08-03 10:21

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h2	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.604Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:54:43",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36989",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36989",
      datePublished: "2022-07-28T00:54:44",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.604Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36998

Vulnerability from cvelistv5

Published

2022-07-28 00:49

Modified

2024-08-03 10:21

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m3	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.188Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:49:24",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36998",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36998",
      datePublished: "2022-07-28T00:49:24",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.188Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36994

Vulnerability from cvelistv5

Published

2022-07-28 00:52

Modified

2024-08-03 10:21

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m4	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.464Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:52:06",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36994",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36994",
      datePublished: "2022-07-28T00:52:07",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.464Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36988

Vulnerability from cvelistv5

Published

2022-07-28 00:55

Modified

2024-08-03 10:21

Severity ?

8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h6	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.338Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:55:06",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36988",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36988",
      datePublished: "2022-07-28T00:55:06",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.338Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36997

Vulnerability from cvelistv5

Published

2022-07-28 00:50

Modified

2024-08-03 10:21

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h9	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.596Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:50:36",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36997",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36997",
      datePublished: "2022-07-28T00:50:36",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.596Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36986

Vulnerability from cvelistv5

Published

2022-07-28 00:56

Modified

2024-08-03 10:21

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h3	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.400Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:56:03",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36986",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36986",
      datePublished: "2022-07-28T00:56:03",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.400Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36991

Vulnerability from cvelistv5

Published

2022-07-28 00:53

Modified

2024-08-03 10:21

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h5	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.370Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:53:39",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36991",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36991",
      datePublished: "2022-07-28T00:53:39",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.370Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36990

Vulnerability from cvelistv5

Published

2022-07-28 00:54

Modified

2024-08-03 10:21

Severity ?

9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#c2	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.290Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 9.6,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:54:19",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36990",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36990",
      datePublished: "2022-07-28T00:54:19",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.290Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-37000

Vulnerability from cvelistv5

Published

2022-07-28 00:47

Modified

2024-08-03 10:21

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.491Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:47:45",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-37000",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-37000",
      datePublished: "2022-07-28T00:47:45",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.491Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36995

Vulnerability from cvelistv5

Published

2022-07-28 00:51

Modified

2024-08-03 10:21

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m5	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.371Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:51:31",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36995",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36995",
      datePublished: "2022-07-28T00:51:31",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.371Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36984

Vulnerability from cvelistv5

Published

2022-07-28 00:57

Modified

2024-08-03 10:21

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h8	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.609Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:57:02",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36984",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36984",
      datePublished: "2022-07-28T00:57:02",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.609Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36987

Vulnerability from cvelistv5

Published

2022-07-28 00:55

Modified

2024-08-03 10:21

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h4	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.387Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:55:34",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36987",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36987",
      datePublished: "2022-07-28T00:55:34",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.387Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36996

Vulnerability from cvelistv5

Published

2022-07-28 00:51

Modified

2024-08-03 10:21

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m6	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.439Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:51:09",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36996",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36996",
      datePublished: "2022-07-28T00:51:09",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.439Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36992

Vulnerability from cvelistv5

Published

2022-07-28 00:53

Modified

2024-08-03 10:21

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#c1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.445Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 9.9,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:53:07",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36992",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36992",
      datePublished: "2022-07-28T00:53:07",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.445Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36999

Vulnerability from cvelistv5

Published

2022-07-28 00:48

Modified

2024-08-03 10:21

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#m2	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.317Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:48:49",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36999",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36999",
      datePublished: "2022-07-28T00:48:49",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.317Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-36985

Vulnerability from cvelistv5

Published

2022-07-28 00:56

Modified

2024-08-03 10:21

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.

References

▼	URL	Tags
	https://www.veritas.com/content/support/en_US/security/VTS22-004#h7	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T10:21:32.311Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-28T00:56:33",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-36985",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
                     refsource: "MISC",
                     url: "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-36985",
      datePublished: "2022-07-28T00:56:33",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T10:21:32.311Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerabilites related to veritas - flex_scale

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5