Netbackup
This hub aggregates every CVE we track for Netbackup, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
69
CVEs tracked
23
Critical
27
High
0
In CISA KEV
Severity distribution
HIGH27CRITICAL23MEDIUM19
Monthly trend
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Netbackup.
- CVE-2020-37045NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path7.8
- CVE-2024-52945An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attac...7.8
- CVE-2024-33672An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.7.7
- CVE-2024-28222In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file.9.8
- CVE-2023-28759An issue was discovered in Veritas NetBackup before 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL prior to loading may allow a lower-level user to elevate privi...7.8
- CVE-2023-28758An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing N...7.1
- CVE-2022-45461The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) t...7.5
- CVE-2022-42299An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService ser...5.3
- CVE-2022-42300An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the wa...4.3
- CVE-2022-42301An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the n...5.4
- CVE-2022-42302An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service.9.0
- CVE-2022-42303An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT s...8.0
- CVE-2022-42304An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.8.0
- CVE-2022-42305An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.5.3
- CVE-2022-42306An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL p...6.5
Product normalization is registry-driven with AI assist and human review. How it works