exploitDog

CVE-2022-42307

Опубликовано: 03 окт. 2022

Источник: nvd

CVSS3: 5.3

CVSS3: 9.8

EPSS Низкий

Описание

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.

Ссылки

https://www.veritas.com/content/support/en_US/security/VTS22-012#M2
Patch
Vendor Advisory
https://www.veritas.com/content/support/en_US/security/VTS22-012#M2
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:veritas:netbackup:*:*:*:*:*:*:*:*

Версия до 10.0.0.1 (включая)

EPSS

Процентиль: 39%

0.00178

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-611

Связанные уязвимости

GHSA-36j8-p24p-6p6q

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.

EPSS

Процентиль: 39%

0.00178

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-611