cbcvebase.
CVE-2022-36990
published 2022-07-28

CVE-2022-36990: An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related…

PriorityP340medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.57%
42.8th percentile
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.

Affected

27 ranges· showing 25
VendorProductVersion rangeFixed in
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_scale
veritasflex_scale
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.