First published: Thu Jul 28 2022(Updated: )
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Veritas Flex Appliance | =1.2 | |
Veritas Flex Appliance | =1.3 | |
Veritas Flex Appliance | =2.0 | |
Veritas Flex Appliance | =2.0.1 | |
Veritas Flex Appliance | =2.0.2 | |
Veritas Flex Appliance | =2.1 | |
Veritas Flex Scale | =1.3.1 | |
Veritas Flex Scale | =2.1 | |
NetBackup Enterprise Server | =8.1.1 | |
NetBackup Enterprise Server | =8.1.2 | |
NetBackup Enterprise Server | =8.2 | |
NetBackup Enterprise Server | =8.3 | |
NetBackup Enterprise Server | =8.3.0.1 | |
NetBackup Enterprise Server | =8.3.0.2 | |
NetBackup Enterprise Server | =9.0 | |
NetBackup Enterprise Server | =9.0.0.1 | |
NetBackup Enterprise Server | =9.1 | |
NetBackup Enterprise Server | =9.1.0.1 | |
NetBackup Enterprise Server | =10.0 | |
Symantec NetBackup Appliance | =3.1.1 | |
Symantec NetBackup Appliance | =3.1.2 | |
Symantec NetBackup Appliance | =3.2 | |
Symantec NetBackup Appliance | =4.0 | |
Symantec NetBackup Appliance | =4.1 | |
Symantec NetBackup Appliance | =3.2-maintenance_release1 | |
Symantec NetBackup Appliance | =3.2-maintenance_release2 | |
Symantec NetBackup Appliance | =3.2-maintenance_release3 | |
Symantec NetBackup Appliance | =3.3.0.1-maintenance_release1 | |
Symantec NetBackup Appliance | =3.3.0.1-maintenance_release2 | |
Symantec NetBackup Appliance | =3.3.0.2-maintenance_release1 | |
Symantec NetBackup Appliance | =3.3.0.2-maintenance_release2 | |
Symantec NetBackup Appliance | =4.0.0.1-maintenance_release1 | |
Symantec NetBackup Appliance | =4.0.0.1-maintenance_release2 | |
Symantec NetBackup Appliance | =4.0.0.1-maintenance_release3 | |
Symantec NetBackup Appliance | =4.1.0.1-maintenance_release1 | |
Symantec NetBackup Appliance | =4.1.0.1-maintenance_release2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-36996 is a vulnerability in Veritas NetBackup where an attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.
Veritas NetBackup versions 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products) are affected by CVE-2022-36996.
CVE-2022-36996 has a severity rating of 6.5 (medium).
To fix CVE-2022-36996, Veritas NetBackup users should apply the necessary security patches provided by Veritas.
You can find more information about CVE-2022-36996 on Veritas' official website at the provided reference link.