Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
veritas netbackup vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34404
A vulnerability exists in the Alta Recovery Vault feature of Veritas NetBackup prior to 10.4 and NetBackup Appliance prior to 5.4. By design, only the cloud administrator should be able to disable the retention lock of Governance mode images. This vulnerability allowed a NetBacku...
NA
CVE-2024-33672
An issue exists in Veritas NetBackup prior to 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.
NA
CVE-2024-28222
In Veritas NetBackup prior to 8.1.2 and NetBackup Appliance prior to 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated malicious user to upload and execute a custom file.
1 Github repository
NA
CVE-2023-40256
A vulnerability exists in Veritas NetBackup Snapshot Manager prior to 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this i...
Veritas Netbackup Snapshot Manager 9.1
Veritas Netbackup Snapshot Manager 9.1.0.1
Veritas Netbackup Snapshot Manager 10.0
Veritas Netbackup Snapshot Manager 10.0.0.1
Veritas Netbackup Snapshot Manager 10.1
Veritas Netbackup Snapshot Manager 10.1.1
Veritas Netbackup Snapshot Manager 10.2
Veritas Netbackup Snapshot Manager 9.0
Veritas Netbackup Snapshot Manager
NA
CVE-2023-37237
In Veritas NetBackup Appliance prior to 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.
Veritas Netbackup Appliance 4.1.0.1
Veritas Netbackup Appliance
NA
CVE-2023-26788
Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address.
Veritas Netbackup Appliance Firmware 4.1.0.1
NA
CVE-2023-26789
Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting (XSS). The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user'...
Veritas Netbackup Opscenter 9.1.0.1
NA
CVE-2023-28818
An issue exists in Veritas NetBackup IT Analytics 11 prior to 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files (apta...
Veritas Netbackup It Analytics 11.1.00
Veritas Netbackup It Analytics 11.0.00
Veritas Aptare It Analytics
NA
CVE-2023-28758
An issue exists in Veritas NetBackup prior to 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files.
Veritas Netbackup
NA
CVE-2023-28759
An issue exists in Veritas NetBackup prior to 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL prior to loading may allow a lower-level user to elevate privileges and compromise the system.
Veritas Netbackup
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »