CVE-2022-36951

EUVD-2022-39608
In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
veritasnetbackup
8.0 ≤
𝑥
< 8.3.0.2
veritasnetbackup
9.0
veritasnetbackup
9.1.0.0
𝑥
= Vulnerable software versions
References
https://www.veritas.com/content/support/en_US/security/VTS22-009#Issue2
https://www.veritas.com/content/support/en_US/security/VTS22-009#Issue2