PT-2022-27860 · Veritas · Veritas Netbackup Access Appliance+1
Published
2022-12-04
·
Updated
2023-08-08
·
CVE-2022-46411
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Veritas NetBackup Flex Scale versions 1.0 through 3.0
Veritas NetBackup Access Appliance versions 8.0.0 through 8.0.100
Description
An issue was discovered where a default password is persisted after installation and may be discovered and used to escalate privileges.
Recommendations
For Veritas NetBackup Flex Scale versions 1.0 through 3.0, change the default password after installation to prevent potential privilege escalation.
For Veritas NetBackup Access Appliance versions 8.0.0 through 8.0.100, change the default password after installation to prevent potential privilege escalation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Veritas Netbackup Access Appliance
Veritas Netbackup Flex Scale