Privilege Escalation in Veritas NetBackup Flex Scale and Access Appliance
CVE-2022-46411

8.8HIGH

Key Information:

Vendor: Veritas
Status: Netbackup Flex Scale Appliance; Access Appliance
Vendor: CVE Published:; 4 December 2022

What is CVE-2022-46411?

A significant security issue has been identified in Veritas NetBackup Flex Scale and Access Appliance, where a default password persists after initial installation. This security flaw allows unauthorized users to exploit this default credential to gain elevated privileges within the affected systems, posing potential risks to sensitive data and overall system integrity.

References

https://www.veritas.com/content/support/en_US/security/VT...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2022
Vulnerability Reserved
Dec 4, 2022