Skip to main content

Netbackup Appliance

42 CVEs product

Monthly

CVE-2024-28222 CRITICAL Act Now

In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Netbackup Netbackup Appliance
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-37237 HIGH This Week

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2022-37000 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36999 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36998 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Flex Appliance Flex Scale +2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36997 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Denial Of Service Flex Appliance Flex Scale Netbackup +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-36996 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36995 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-36994 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-36993 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36992 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36991 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36990 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36989 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36988 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36987 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-36986 CRITICAL PATCH Act Now

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-36985 HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Privilege Escalation Flex Appliance Flex Scale Netbackup +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36984 MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Flex Appliance Flex Scale Netbackup Netbackup Appliance
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-22965 Maven CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection Tomcat Spring Framework +37
NVD
CVSS 3.1
9.8
EPSS
99.7%
CVE-2019-9868 HIGH This Week

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
CVSS 3.0
7.2
EPSS
1.2%
CVE-2019-9867 HIGH This Week

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
CVSS 3.0
7.2
EPSS
1.2%
CVE-2018-18652 HIGH This Week

A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
CVSS 3.0
7.2
EPSS
4.1%
CVE-2017-8859 CRITICAL Act Now

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2017-8858 CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2017-8857 CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
3.8%
CVE-2017-8856 CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-6409 CRITICAL Act Now

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-6408 HIGH This Week

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Netbackup Netbackup Appliance
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2017-6407 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-6406 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-6405 HIGH This Week

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-6404 MEDIUM This Month

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netbackup Netbackup Appliance
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-6403 CRITICAL Act Now

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-6402 MEDIUM This Month

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Netbackup Netbackup Appliance
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-6401 HIGH This Week

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netbackup Netbackup Appliance
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-6400 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-6399 HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup Netbackup Appliance
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2015-6552 CRITICAL Act Now

The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance Netbackup
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2015-6551 MEDIUM This Month

Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Netbackup Appliance Netbackup
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2015-6550 CRITICAL Act Now

bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance Netbackup
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2013-1608 MEDIUM This Month

Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Netbackup Appliance
NVD
CVSS 2.0
6.7
EPSS
0.2%
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Netbackup Netbackup Appliance
NVD
EPSS 1% CVSS 7.2
HIGH This Week

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow +4
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Denial Of Service Flex Appliance +3
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Flex Appliance Flex Scale +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Privilege Escalation Flex Appliance +3
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Flex Appliance Flex Scale +2
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection +39
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
EPSS 4% CVSS 7.2
HIGH This Week

A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Appliance
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Netbackup +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netbackup Netbackup Appliance
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netbackup Netbackup Appliance
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Access Netbackup +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance Netbackup
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Netbackup Appliance +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netbackup Appliance Netbackup
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Netbackup Appliance
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy