CVE-2022-36986
Summary
| CVE | CVE-2022-36986 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-28 01:15:00 UTC |
| Updated | 2022-08-09 16:44:00 UTC |
| Description | An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Veritas | Flex Appliance | 1.2 | All | All | All |
| Application | Veritas | Flex Appliance | 1.3 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0.1 | All | All | All |
| Application | Veritas | Flex Appliance | 2.0.2 | All | All | All |
| Application | Veritas | Flex Appliance | 2.1 | All | All | All |
| Application | Veritas | Flex Scale | 1.3.1 | All | All | All |
| Application | Veritas | Flex Scale | 2.1 | All | All | All |
| Application | Veritas | Netbackup | 8.1.1 | All | All | All |
| Application | Veritas | Netbackup | 8.1.2 | All | All | All |
| Application | Veritas | Netbackup | 8.2 | All | All | All |
| Application | Veritas | Netbackup | 8.3 | All | All | All |
| Application | Veritas | Netbackup | 8.3.0.1 | All | All | All |
| Application | Veritas | Netbackup | 8.3.0.2 | All | All | All |
| Application | Veritas | Netbackup | 9.0 | All | All | All |
| Application | Veritas | Netbackup | 9.0.0.1 | All | All | All |
| Application | Veritas | Netbackup | 9.1 | All | All | All |
| Application | Veritas | Netbackup | 9.1.0.1 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.1.1 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.1.2 | All | All | All |
| Application | Veritas | Netbackup Appliance | 3.2 | All | All | All |
| Application | Veritas | Netbackup Appliance | 4.0 | All | All | All |
| Application | Veritas | Netbackup Appliance | 4.1 | All | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.2 | maintenance_release3 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.1 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.2 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 3.3.0.2 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release2 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.0.0.1 | maintenance_release3 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.1.0.1 | maintenance_release1 | All | All |
| Hardware | Veritas | Netbackup Appliance | 4.1.0.1 | maintenance_release2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server | Veritas™ | MISC | www.veritas.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 378530 Veritas NetBackup Multiple Vulnerabilities (VTS22-004)