PT-2022-23697 · Veritas · Veritas Netbackup Opscenter
Published
2022-07-27
·
Updated
2022-08-03
·
CVE-2022-36950
CVSS v3.1
9.8
Critical
| Vector | AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
Veritas NetBackup OpsCenter versions 8.x through 8.3.0.2
Veritas NetBackup OpsCenter versions 9.x through 9.0.0.1
Veritas NetBackup OpsCenter versions 9.1.x through 9.1.0.1
Veritas NetBackup OpsCenter version 10
Description
An unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation.
Recommendations
For versions 8.x through 8.3.0.2, update to a version later than 8.3.0.2 to resolve the issue.
For versions 9.x through 9.0.0.1, update to a version later than 9.0.0.1 to resolve the issue.
For versions 9.1.x through 9.1.0.1, update to a version later than 9.1.0.1 to resolve the issue.
For version 10, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Veritas Netbackup Opscenter