Search criteria

57 vulnerabilities found for flex_appliance by veritas

FKIE_CVE-2022-36998

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m3Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m3Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda desencadenar de forma remota un desbordamiento del b\u00fafer basado en la pila en el servidor primario de NetBackup, resultando en una denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2022-36998",
  "lastModified": "2024-11-21T07:14:15.127",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 4.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.257",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m3"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36996

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m6Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m6Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup 10.0
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A22BA0AF-70FB-4948-B047-E62EA64EFFC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso a un cliente de NetBackup podr\u00eda recopilar de forma remota informaci\u00f3n sobre cualquier host conocido por un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36996",
  "lastModified": "2024-11-21T07:14:14.793",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.157",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m6"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36993

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h1Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36993",
  "lastModified": "2024-11-21T07:14:14.297",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.007",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36995

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m5Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m5Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda crear arbitrariamente directorios en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36995",
  "lastModified": "2024-11-21T07:14:14.633",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.107",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m5"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36999

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m2Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m2Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Bajo determinadas condiciones, un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda leer remotamente archivos en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36999",
  "lastModified": "2024-11-21T07:14:15.287",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.307",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-37000

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m1Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Bajo determinadas condiciones, un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda leer remotamente archivos en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-37000",
  "lastModified": "2024-11-21T07:14:15.457",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.370",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36997

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h9Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h9Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda desencadenar de forma remota impactos que incluyen una lectura arbitraria de archivos, un ataque de tipo Server-Side Request Forgery (SSRF) y una denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2022-36997",
  "lastModified": "2024-11-21T07:14:14.960",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.207",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h9"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36994

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#m4Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#m4Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda leer arbitrariamente archivos de un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36994",
  "lastModified": "2024-11-21T07:14:14.463",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 4.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:18.053",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#m4"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36984

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h8Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h8Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda desencadenar de forma remota un ataque de denegaci\u00f3n de servicio contra un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36984",
  "lastModified": "2024-11-21T07:14:12.733",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.543",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36987

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h4Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h4Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda escribir arbitrariamente archivos en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36987",
  "lastModified": "2024-11-21T07:14:13.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.707",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36992

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#c1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#c1Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions)."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup (en condiciones espec\u00edficas de notificaci\u00f3n)"
    }
  ],
  "id": "CVE-2022-36992",
  "lastModified": "2024-11-21T07:14:14.130",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.957",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36985

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h7Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h7Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso local no privilegiado a un servidor primario de Windows NetBackup podr\u00eda escalar potencialmente sus privilegios"
    }
  ],
  "id": "CVE-2022-36985",
  "lastModified": "2024-11-21T07:14:12.917",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.607",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36989

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h2Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h2Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un cliente de NetBackup podr\u00eda ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36989",
  "lastModified": "2024-11-21T07:14:13.613",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.810",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36991

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h5Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h5Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un Cliente NetBackup podr\u00eda escribir arbitrariamente contenido en una ruta parcialmente controlada en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36991",
  "lastModified": "2024-11-21T07:14:13.963",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.907",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h5"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36986

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h3Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h3Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso no autenticado podr\u00eda ejecutar remotamente comandos arbitrarios en un servidor primario de NetBackup"
    }
  ],
  "id": "CVE-2022-36986",
  "lastModified": "2024-11-21T07:14:13.090",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.657",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36988

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#h6Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#h6Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un servidor NetBackup OpsCenter, un servidor NetBackup Primary o un servidor NetBackup Media podr\u00eda ejecutar remotamente comandos arbitrarios en un servidor NetBackup Primary o un servidor NetBackup Media"
    }
  ],
  "id": "CVE-2022-36988",
  "lastModified": "2024-11-21T07:14:13.443",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.760",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-36990

Vulnerability from fkie_nvd - Published: 2022-07-28 01:15 - Updated: 2024-11-21 07:14
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.
References
cve@mitre.orghttps://www.veritas.com/content/support/en_US/security/VTS22-004#c2Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.veritas.com/content/support/en_US/security/VTS22-004#c2Patch, Vendor Advisory
Impacted products
Vendor Product Version
veritas flex_appliance 1.2
veritas flex_appliance 1.3
veritas flex_appliance 2.0
veritas flex_appliance 2.0.1
veritas flex_appliance 2.0.2
veritas flex_appliance 2.1
veritas flex_scale 1.3.1
veritas flex_scale 2.1
veritas netbackup 8.1.1
veritas netbackup 8.1.2
veritas netbackup 8.2
veritas netbackup 8.3
veritas netbackup 8.3.0.1
veritas netbackup 8.3.0.2
veritas netbackup 9.0
veritas netbackup 9.0.0.1
veritas netbackup 9.1
veritas netbackup 9.1.0.1
veritas netbackup_appliance 3.1.1
veritas netbackup_appliance 3.1.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 4.0
veritas netbackup_appliance 4.1
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.2
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.1
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 3.3.0.2
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.0.0.1
veritas netbackup_appliance 4.1.0.1
veritas netbackup_appliance 4.1.0.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "025BC427-C1D3-4888-8585-EE5EF288AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDD5695-9235-4592-9B8A-A90BE7762F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF9FB3-5862-4C85-A082-5903E9619A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48682500-A4CC-417A-AE87-254A38E9A837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F28926F3-D951-40EC-A383-27038FF62D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3678D77D-D641-47C6-92BA-FE124D645F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A32EEA7C-4AE9-4E8A-89C5-7354DCE953A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FB11BA-21B8-4AF5-8E06-A03A148380A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F903AD8B-FCF5-4287-828C-AB19C69C00FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A9DC13-0464-4507-A5A2-91BEF7E55AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B23C8C3-3385-435D-861E-F1EEFD382C6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A64D-D4EA-45F4-911E-3F5794979FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A3CE2C-544C-4785-B879-6C4E0A594FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFF0B8-7BA5-4BF0-B98A-BB833D3FA6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "070A8292-8AA8-45B0-BD12-174071C142ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA05618C-73DD-4A02-AF1B-90C5D968C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D33CB9E-3A08-4B80-8C3F-3D180C0F3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDC739-0410-45C6-9628-EC833AC7400E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "40BE7CD2-A828-4A21-B3EB-3BC4688C6D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "0D532AFE-824C-4002-AD4E-431F83911D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "C9CD8205-281F-4ABD-BF1D-EB97090B3755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "0DD01222-0F16-48D3-842A-C07377C0872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "3ED514C2-AEDD-4071-A145-5D281C789703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D4F61-2307-4A29-B620-E811E7642E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "CF307131-DB9A-41CA-9990-EAAF56B671DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
              "matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
              "matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
              "matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Veritas NetBackup versiones 8.1.x hasta 8.1.2, 8.2, 8.3.x hasta 8.3.0.2, 9.x hasta 9.0.0.1 y 9.1.x hasta 9.1.0.1 (y productos NetBackup relacionados). Un atacante con acceso autenticado a un Cliente NetBackup podr\u00eda escribir remotamente archivos arbitrarios en ubicaciones arbitrarias desde cualquier Cliente a cualquier otro Cliente por medio de un servidor primario"
    }
  ],
  "id": "CVE-2022-36990",
  "lastModified": "2024-11-21T07:14:13.793",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 5.8,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-28T01:15:17.857",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2022-36984 (GCVE-0-2022-36984)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:57 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.
Severity ?
7.7 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36984",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36984",
    "datePublished": "2022-07-28T00:57:02",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36985 (GCVE-0-2022-36985)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:56 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.
Severity ?
7.8 (High)
CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:56:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36985",
    "datePublished": "2022-07-28T00:56:33",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36986 (GCVE-0-2022-36986)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:56 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.
Severity ?
8.6 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.400Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:56:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36986",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36986",
    "datePublished": "2022-07-28T00:56:03",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.400Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36987 (GCVE-0-2022-36987)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:55 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.
Severity ?
8.5 (High)
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:55:34",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36987",
    "datePublished": "2022-07-28T00:55:34",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36988 (GCVE-0-2022-36988)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:55 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.
Severity ?
8 (High)
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.338Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:55:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36988",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36988",
    "datePublished": "2022-07-28T00:55:06",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36989 (GCVE-0-2022-36989)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:54 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.
Severity ?
8.8 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.604Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:54:43",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36989",
    "datePublished": "2022-07-28T00:54:44",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36990 (GCVE-0-2022-36990)

Vulnerability from cvelistv5 – Published: 2022-07-28 00:54 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.
Severity ?
9.6 (Critical)
CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:54:19",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36990",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#c2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36990",
    "datePublished": "2022-07-28T00:54:19",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36984 (GCVE-0-2022-36984)

Vulnerability from nvd – Published: 2022-07-28 00:57 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.
Severity ?
7.7 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36984",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36984",
    "datePublished": "2022-07-28T00:57:02",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36985 (GCVE-0-2022-36985)

Vulnerability from nvd – Published: 2022-07-28 00:56 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.
Severity ?
7.8 (High)
CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:56:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36985",
    "datePublished": "2022-07-28T00:56:33",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36986 (GCVE-0-2022-36986)

Vulnerability from nvd – Published: 2022-07-28 00:56 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.
Severity ?
8.6 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.400Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:56:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36986",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36986",
    "datePublished": "2022-07-28T00:56:03",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.400Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36987 (GCVE-0-2022-36987)

Vulnerability from nvd – Published: 2022-07-28 00:55 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.
Severity ?
8.5 (High)
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:55:34",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36987",
    "datePublished": "2022-07-28T00:55:34",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36988 (GCVE-0-2022-36988)

Vulnerability from nvd – Published: 2022-07-28 00:55 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.
Severity ?
8 (High)
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.338Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:55:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36988",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36988",
    "datePublished": "2022-07-28T00:55:06",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-36989 (GCVE-0-2022-36989)

Vulnerability from nvd – Published: 2022-07-28 00:54 – Updated: 2024-08-03 10:21
VLAI?
Summary
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server.
Severity ?
8.8 (High)
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:32.604Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T00:54:43",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-36989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2",
              "refsource": "MISC",
              "url": "https://www.veritas.com/content/support/en_US/security/VTS22-004#h2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-36989",
    "datePublished": "2022-07-28T00:54:44",
    "dateReserved": "2022-07-28T00:00:00",
    "dateUpdated": "2024-08-03T10:21:32.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}