Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netbackup
(Veritas)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 66 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-03 | CVE-2022-42306 | An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process. | Netbackup | 5.5 | ||
| 2022-10-03 | CVE-2022-42307 | An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service. | Netbackup | 9.8 | ||
| 2022-10-03 | CVE-2022-42308 | An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code. | Netbackup | 7.1 | ||
| 2017-03-02 | CVE-2017-6409 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access. | Netbackup, Netbackup_appliance | 9.8 | ||
| 2017-03-02 | CVE-2017-6408 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. | Netbackup, Netbackup_appliance | 7.0 | ||
| 2017-03-02 | CVE-2017-6407 | An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur. | Netbackup, Netbackup_appliance | 8.8 | ||
| 2017-03-02 | CVE-2017-6406 | An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. | Access, Netbackup, Netbackup_appliance | 8.8 | ||
| 2017-03-02 | CVE-2017-6405 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing. | Netbackup, Netbackup_appliance | 7.5 | ||
| 2017-03-02 | CVE-2017-6404 | An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data. | Netbackup, Netbackup_appliance | 5.5 | ||
| 2017-03-02 | CVE-2017-6402 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur. | Netbackup, Netbackup_appliance | 6.5 |