CVE-2022-36952
published 2022-07-27CVE-2022-36952: In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2…
PriorityP346critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.44%
35.1th percentile
In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| veritas | netbackup | — | — |
| veritas | netbackup | — | — |
| veritas | netbackup | >= 8.0 < 8.3.0.2 | 8.3.0.2 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv4.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-raspi-5.4 vulnerabilities
osv·2025-01-15·CVSS 4.7
CVE-2022-38096 linux-raspi-5.4 vulnerabilities
linux-raspi-5.4 vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Network drivers;
- SCSI subsystem;
- Ext4 file system;
- Bluetooth subsystem;
- Memory management;
- Amateur Radio drivers;
- Network traffic control;
- Sun RPC protocol;
- VMware vSockets driver;
(CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967,
CVE-2024-50264, CVE-2024-36952, CVE-2024-3855
GHSA
GHSA-9ggc-7v6w-qg26: In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem
ghsa_unreviewed·2022-07-28
CVE-2022-36952 [CRITICAL] CWE-798 GHSA-9ggc-7v6w-qg26: In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem
In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-07-27
Published