ReportizFlow
Filtered by vendor Veritas
Subscriptions
Total
133 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12876 | 2 Microsoft, Veritas | 2 Windows, Aptare | 2024-11-21 | 7.5 High |
| Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments. | ||||
| CVE-2020-12875 | 1 Veritas | 1 Aptare | 2024-11-21 | 6.3 Medium |
| Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application. | ||||
| CVE-2020-12874 | 1 Veritas | 1 Aptare | 2024-11-21 | 9.8 Critical |
| Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | ||||
| CVE-2019-9868 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. | ||||
| CVE-2019-9867 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. | ||||
| CVE-2019-18780 | 3 Linux, Microsoft, Veritas | 8 Linux Kernel, Windows, Access and 5 more | 2024-11-21 | 9.8 Critical |
| An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, Storage Foundation HA (SFHA) 6.2.1 and earlier on Linux/UNIX, and Storage Foundation HA (SFHA) 6.1 and earlier on Windows. | ||||
| CVE-2019-14418 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 8.8 High |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine. | ||||
| CVE-2019-14417 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | N/A |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality. | ||||
| CVE-2019-14416 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 7.2 High |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality. | ||||
| CVE-2019-14415 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 4.8 Medium |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to. | ||||
| CVE-2018-18652 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. | ||||
| CVE-2024-52945 | 1 Veritas | 1 Netbackup | 2024-11-19 | 7.8 High |
| An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context. | ||||
| CVE-2024-52944 | 1 Veritas | 1 Enterprise Vault | 2024-11-19 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||