Authenticated Remote Command Execution in Veritas NetBackup Flex Scale and Access Appliance
CVE-2022-46413

8.8HIGH

Key Information:

Vendor: Veritas
Status: Netbackup Flex Scale Appliance; Access Appliance
Vendor: CVE Published:; 4 December 2022

Summary

A vulnerability found in Veritas NetBackup Flex Scale and Access Appliance allows authenticated users to execute arbitrary commands via the management portal. This flaw can potentially give an attacker access to sensitive operations and data, posing a significant security risk to users of these products.

References

https://www.veritas.com/content/support/en_US/security/VT...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 4, 2022
Vulnerability Reserved
Dec 4, 2022