Every CVE whose affected-product data names Veritas Netbackup, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (66)
CVE-2022-36954 — CVSS 9.9 (critical): In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user…
CVE-2022-36992 — CVSS 9.9 (critical): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2017-8856 — CVSS 9.8 (critical): In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution…
CVE-2017-8857 — CVSS 9.8 (critical): In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote…
CVE-2015-6550 — CVSS 9.8 (critical): bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup…
CVE-2015-6552 — CVSS 9.8 (critical): The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2…
CVE-2022-36951 — CVSS 9.8 (critical): In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched…
CVE-2022-36950 — CVSS 9.8 (critical): In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java…
CVE-2017-8858 — CVSS 9.8 (critical): In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using…
CVE-2017-6409 — CVSS 9.8 (critical): An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces…
CVE-2017-6403 — CVSS 9.8 (critical): An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a…
CVE-2024-28222 — CVSS 9.8 (critical): In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an…
CVE-2022-36990 — CVSS 9.6 (critical): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2020-36163 — CVSS 9.3 (critical): An issue was discovered in Veritas NetBackup and OpsCenter through 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and…
CVE-2022-36949 — CVSS 9.3 (critical): In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges…
CVE-2020-36169 — CVSS 9.3 (critical): An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and…
CVE-2022-42308 — CVSS 9.0 (critical): An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary…
CVE-2006-0989 — CVSS 9.0 (critical): Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and…
CVE-2006-0990 — CVSS 9.0 (critical): Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter…
CVE-2022-42302 — CVSS 9.0 (critical): An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL…
CVE-2022-36956 — CVSS 9.0 (critical): In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id…
CVE-2017-6407 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on…
CVE-2017-6406 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution…
CVE-2017-6400 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged command execution on NetBackup…
CVE-2017-6399 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on…
CVE-2022-36993 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36989 — CVSS 8.8 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36986 — CVSS 8.6 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36987 — CVSS 8.5 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36952 — CVSS 8.4 (high): In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects…
CVE-2022-36991 — CVSS 8.1 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-42303 — CVSS 8.0 (high): An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a…
CVE-2022-42304 — CVSS 8.0 (high): An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL…
CVE-2022-36988 — CVSS 8.0 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2024-52945 — CVSS 7.8 (high): An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System…
CVE-2022-36985 — CVSS 7.8 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36955 — CVSS 7.8 (high): In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their…
CVE-2023-28759 — CVSS 7.8 (high): An issue was discovered in Veritas NetBackup before 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL…
CVE-2017-6401 — CVSS 7.8 (high): An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur…
CVE-2024-33672 — CVSS 7.7 (high): An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary…
CVE-2022-36984 — CVSS 7.7 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-45461 — CVSS 7.5 (high): The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users…
CVE-2017-6405 — CVSS 7.5 (high): An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to…
CVE-2006-0991 — CVSS 7.1 (high): Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to…
CVE-2023-28758 — CVSS 7.1 (high): An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a…
CVE-2022-36997 — CVSS 7.1 (high): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2017-6408 — CVSS 7.0 (high): An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race…
CVE-2017-6402 — CVSS 6.5 (medium): An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup…
CVE-2022-42306 — CVSS 6.5 (medium): An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted…
CVE-2022-37000 — CVSS 6.5 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36999 — CVSS 6.5 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36998 — CVSS 6.3 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-36994 — CVSS 6.3 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2004-1389 — CVSS 6.0 (medium): Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5…
CVE-2015-6551 — CVSS 5.9 (medium): Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not…
CVE-2017-6404 — CVSS 5.5 (medium): An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing…
CVE-2022-42301 — CVSS 5.4 (medium): An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to…
CVE-2022-36948 — CVSS 5.4 (medium): In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1…
CVE-2021-41570 — CVSS 5.4 (medium): Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup…
CVE-2022-42299 — CVSS 5.3 (medium): An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a…
CVE-2022-42305 — CVSS 5.3 (medium): An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a…
CVE-2022-42307 — CVSS 5.3 (medium): An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to…
CVE-2022-36953 — CVSS 4.3 (medium): In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. This…
CVE-2022-36996 — CVSS 4.3 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…
CVE-2022-42300 — CVSS 4.3 (medium): An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can…
CVE-2022-36995 — CVSS 4.3 (medium): An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through…