PT-2022-23703 · Veritas · Netbackup

Published 2022-07-27 · Updated 2022-08-04 · CVE-2022-36956

CVSS v3.1

9.0 Critical

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Veritas NetBackup versions 9.0.0.1 through 9.1.0.1

Description

The issue allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain.

Recommendations

For versions 9.0.x through 9.0.0.1, update to a version outside of this range to resolve the issue. For versions 9.1.x through 9.1.0.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to valid host-id NetBackup certificates and private keys to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2022-36956

Affected Products

Netbackup