Privilege Escalation Vulnerability in Veritas NetBackup Flex Scale
CVE-2022-46410

8.8HIGH

Key Information:

Vendor: Veritas
Status: Netbackup Flex Scale Appliance
Vendor: CVE Published:; 4 December 2022

Summary

A vulnerability has been identified in Veritas NetBackup Flex Scale versions up to 3.0, allowing attackers with non-root access to escalate their privileges to root. By executing specific commands, these attackers can gain unauthorized control over the system, posing significant security risks to the integrity and confidentiality of data managed by the product. Organizations using vulnerable versions should apply recommended updates to mitigate this risk.

References

https://www.veritas.com/content/support/en_US/security/VT...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 4, 2022
Vulnerability Reserved
Dec 4, 2022