Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbackup vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-42303
An issue exists in Veritas NetBackup up to and including 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.
Veritas Netbackup
9.8
CVSSv3
CVE-2022-42304
An issue exists in Veritas NetBackup up to and including 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.
Veritas Netbackup
7.5
CVSSv3
CVE-2022-42305
An issue exists in Veritas NetBackup up to and including 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.
Veritas Netbackup
5.5
CVSSv3
CVE-2022-42306
An issue exists in Veritas NetBackup up to and including 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
Veritas Netbackup
9.8
CVSSv3
CVE-2022-42307
An issue exists in Veritas NetBackup up to and including 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.
Veritas Netbackup
7.1
CVSSv3
CVE-2022-42308
An issue exists in Veritas NetBackup up to and including 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.
Veritas Netbackup
NA
CVE-2015-6549
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter prior to 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Netbackup Opscenter
7.2
CVSSv3
CVE-2018-18652
A remote command execution vulnerability in Veritas NetBackup Appliance prior to 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.
Veritas Netbackup Appliance
7.2
CVSSv3
CVE-2019-9867
An issue exists in the Web Console in Veritas NetBackup Appliance up to and including 3.1.2. The proxy server password is displayed to an administrator.
Veritas Netbackup Appliance
7.2
CVSSv3
CVE-2019-9868
An issue exists in the Web Console in Veritas NetBackup Appliance up to and including 3.1.2. The SMTP password is displayed to an administrator.
Veritas Netbackup Appliance
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »