cbcvebase.
CVE-2022-36997
published 2022-07-28

CVE-2022-36997: An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related…

PriorityP348high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.59%
43.8th percentile
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.

Affected

27 ranges· showing 25
VendorProductVersion rangeFixed in
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_appliance
veritasflex_scale
veritasflex_scale
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
veritasnetbackup_appliance
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.