Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-36991

Опубликовано: 28 июл. 2022
Источник: nvd
CVSS3: 8.1
CVSS3: 6.5
EPSS Низкий

Описание

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:veritas:flex_appliance:1.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_scale:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:flex_scale:2.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.3:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:8.3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:9.0:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:9.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:9.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:9.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup_appliance:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup_appliance:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup_appliance:3.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*
cpe:2.3:a:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release1:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release2:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.2:maintenance_release3:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release1:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.1:maintenance_release2:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release1:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:3.3.0.2:maintenance_release2:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*
cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00303
Низкий

8.1 High

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-f3q6-gphh-82w4

CVSS3: 6.5
github
больше 3 лет назад

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.

EPSS

Процентиль: 53%
0.00303
Низкий

8.1 High

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo