Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
veritas netbackup appliance vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-9868
An issue exists in the Web Console in Veritas NetBackup Appliance up to and including 3.1.2. The SMTP password is displayed to an administrator.
Veritas Netbackup Appliance
7.2
CVSSv3
CVE-2019-9867
An issue exists in the Web Console in Veritas NetBackup Appliance up to and including 3.1.2. The proxy server password is displayed to an administrator.
Veritas Netbackup Appliance
6.1
CVSSv3
CVE-2023-26788
Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address.
Veritas Netbackup Appliance Firmware 4.1.0.1
8.8
CVSSv3
CVE-2022-46410
An issue exists in Veritas NetBackup Flex Scale up to and including 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands.
Veritas Netbackup Flex Scale Appliance
8.8
CVSSv3
CVE-2022-46412
An issue exists in Veritas NetBackup Flex Scale up to and including 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.
Veritas Netbackup Flex Scale Appliance
9.8
CVSSv3
CVE-2016-7399
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x up to and including 2.6.0.4, 2.6.1.x up to and including 2.6.1.2, 2.7.x up to and including 2.7.3, and 3.0.x allow remote malicious users to execute arbitrary commands via shell metacharacters in the hostName parameter to ...
Veritas Netbackup Appliance Firmware 2.6.0.0
Veritas Netbackup Appliance Firmware 2.6.0.1
Veritas Netbackup Appliance Firmware 2.7.1.0
Veritas Netbackup Appliance Firmware 2.7.2.0
Veritas Netbackup Appliance Firmware 2.6.0.4
Veritas Netbackup Appliance Firmware 2.6.1.0
Veritas Netbackup Appliance Firmware 2.6.0.2
Veritas Netbackup Appliance Firmware 2.6.0.3
Veritas Netbackup Appliance Firmware 3.0.0.0
Veritas Netbackup Appliance Firmware 2.6.1.1
Veritas Netbackup Appliance Firmware 2.6.1.2
Veritas Netbackup Appliance Firmware 2.7.0.0
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
174 Github repositories
7 Articles
NA
CVE-2024-28222
In Veritas NetBackup prior to 8.1.2 and NetBackup Appliance prior to 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated malicious user to upload and execute a custom file.
1 Github repository
NA
CVE-2024-34404
A vulnerability exists in the Alta Recovery Vault feature of Veritas NetBackup prior to 10.4 and NetBackup Appliance prior to 5.4. By design, only the cloud administrator should be able to disable the retention lock of Governance mode images. This vulnerability allowed a NetBacku...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5