exploitDog

CVE-2022-42301

Опубликовано: 03 окт. 2022

Источник: nvd

CVSS3: 5.4

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.

Ссылки

https://www.veritas.com/content/support/en_US/security/VTS22-013#M1
Patch
Vendor Advisory
https://www.veritas.com/content/support/en_US/security/VTS22-013#M1
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:veritas:netbackup:*:*:*:*:*:*:*:*

Версия до 10.0.0.1 (включая)

EPSS

Процентиль: 47%

0.0024

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-611

Связанные уязвимости

GHSA-w3pc-7g8w-9v7j

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.

EPSS

Процентиль: 47%

0.0024

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-611