Lucene search

MitreCVELIST:CVE-2022-36988

HistoryJul 28, 2022 - 12:55 a.m.

CVE-2022-36988

2022-07-2800:55:06

mitre

www.cve.org

veritas netbackup

remote execution

authentication issue

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

42.0%

JSON

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.

References

www.veritas.com/content/support/en_US/security/VTS22-004#h6

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

42.0%

JSON

Related for CVELIST:CVE-2022-36988