CVE-2022-36985
Summary
| CVE | CVE-2022-36985 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-28 01:15:00 UTC |
| Updated | 2022-08-09 14:45:00 UTC |
| Description | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Veritas | Flex Appliance | 1.2 | All | All | All |
| Application | Veritas | Flex Appliance | 1.3 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0.1 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0.2 | All | All | All |
| Application | Veritas | Flex Appliance | 2.1 | All | All | All |
| Application | Veritas | Flex Scale | 1.3.1 | All | All | All |
| Application | Veritas | Flex Scale | 2.1 | All | All | All |
| Application | Veritas | Netbackup | 8.1.1 | All | All | All |
| Application | Veritas | Netbackup | 8.1.2 | All | All | All |
| Application | Veritas | Netbackup | 8.2 | All | All | All |
| Application | Veritas | Netbackup | 8.3 | All | All | All |
| Application | Veritas | Netbackup | 8.3.0.1 | All | All | All |
| Application | Veritas | Netbackup | 8.3.0.2 | All | All | All |
| Application | Veritas | Netbackup | 9.0 | All | All | All |
| Application | Veritas | Netbackup | 9.0.0.1 | All | All | All |
| Application | Veritas | Netbackup | 9.1 | All | All | All |
| Application | Veritas | Netbackup | 9.1.0.1 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.1.1 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.1.2 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.2 | All | All | All |
| Application | Veritas | Netbackup Appliance | 4.0 | All | All | All |
| Application | Veritas | Netbackup Appliance | 4.1 | All | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release3 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.1 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.2 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.2 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release3 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.1.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.1.0.1 | maintenance_release2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server | Veritas™ | MISC | www.veritas.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 378530 Veritas NetBackup Multiple Vulnerabilities (VTS22-004)