← Back

Veritas

veritas

140 CVEs • 31 products

Products (31)

Click to collapse
Toggle
Netbackup
netbackup
66 CVEs
Netbackup Appliance
netbackup_appliance
41 CVEs
Flex Appliance
flex_appliance
19 CVEs
Enterprise Vault
enterprise_vault
17 CVEs
Flex Scale
flex_scale
17 CVEs
Infoscale Operations Manager
infoscale_operations_manager
9 CVEs
Backup Exec
backup_exec
8 CVEs
Aptare
aptare
6 CVEs
Netbackup Flex Scale Appliance
netbackup_flex_scale_appliance
6 CVEs
Resiliency Platform
resiliency_platform
5 CVEs
Access Appliance
access_appliance
5 CVEs
Access
access
4 CVEs
System Recovery
system_recovery
4 CVEs
Desktop And Laptop Option
desktop_and_laptop_option
3 CVEs
Netbackup Appliance Firmware
netbackup_appliance_firmware
2 CVEs
Infoscale
infoscale
2 CVEs
Aptare It Analytics
aptare_it_analytics
2 CVEs
Opscenter
opscenter
2 CVEs
Bare Metal Restore
bare_metal_restore
1 CVE
Cluster Server
cluster_server
1 CVE
Storage Foundation Ha
storage_foundation_ha
1 CVE
Cloudpoint
cloudpoint
1 CVE
Netbackup Cloudpoint
netbackup_cloudpoint
1 CVE
Storage Foundation
storage_foundation
1 CVE
Storage Foundation And High Availability
storage_foundation_and_high_availability
1 CVE
Netbackup Virtual Appliance
netbackup_virtual_appliance
1 CVE
Netbackup It Analytics
netbackup_it_analytics
1 CVE
Netbackup Opscenter
netbackup_opscenter
1 CVE
Netbackup Snapshot Manager
netbackup_snapshot_manager
1 CVE
Ediscovery Platform
ediscovery_platform
1 CVE
Data Insight
data_insight
1 CVE

CVEs (140)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-27156
1Veritas
1Aptare
Nov 21, 2024
Oct 15, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Veritas APTARE versions prior to 10.5 did not perform adequate authorization checks. This vulnerability could allow for remote code execution by an unauthenticated user.
CVE-2020-12877
1Veritas
1Aptare
Nov 21, 2024
May 14, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication.
CVE-2020-12876
1Veritas
1Aptare
Nov 21, 2024
May 14, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments.
CVE-2020-12875
1Veritas
1Aptare
Nov 21, 2024
May 14, 2020
N/A· v4
6.3 MEDIUM· v3
6.5 MEDIUM· v2
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters with...Show more
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.Show less
CVE-2020-12874
1Veritas
1Aptare
Nov 21, 2024
May 14, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server.
CVE-2019-18780
1Veritas
6Access
Access ApplianceCluster Server+3 more
Nov 21, 2024
Nov 5, 2019
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products a...Show more
An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, Storage Foundation HA (SFHA) 6.2.1 and earlier on Linux/UNIX, and Storage Foundation HA (SFHA) 6.1 and earlier on Windows.Show less
CVE-2019-14418
1Veritas
1Resiliency Platform
Nov 21, 2024
Jul 29, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in...Show more
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.Show less
CVE-2019-14417
1Veritas
1Resiliency Platform
Nov 21, 2024
Jul 29, 2019
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine...Show more
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality.Show less
CVE-2019-14416
1Veritas
1Resiliency Platform
Nov 21, 2024
Jul 29, 2019
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine...Show more
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality.Show less
CVE-2019-14415
1Veritas
1Resiliency Platform
Nov 21, 2024
Jul 29, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, relat...Show more
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to.Show less
CVE-2019-9868
1Veritas
1Netbackup Appliance
Nov 21, 2024
Mar 21, 2019
N/A· v4
7.2 HIGH· v3
4.0 MEDIUM· v2
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.
CVE-2019-9867
1Veritas
1Netbackup Appliance
Nov 21, 2024
Mar 21, 2019
N/A· v4
7.2 HIGH· v3
4.0 MEDIUM· v2
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
CVE-2018-18652
1Veritas
1Netbackup Appliance
Nov 21, 2024
Oct 25, 2018
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user prov...Show more
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.Show less
CVE-2017-8895
1Veritas
1Backup Exec
May 13, 2026
May 10, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code e...Show more
In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.Show less
CVE-2017-8859
1Veritas
1Netbackup Appliance
May 13, 2026
May 9, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.
CVE-2017-8858
1Veritas
2Netbackup
Netbackup Appliance
May 13, 2026
May 9, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.
CVE-2017-8857
1Veritas
2Netbackup
Netbackup Appliance
May 13, 2026
May 9, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.
CVE-2017-8856
1Veritas
2Netbackup
Netbackup Appliance
May 13, 2026
May 9, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
CVE-2017-7444
1Veritas
1System Recovery
May 13, 2026
Apr 5, 2017
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
CVE-2017-6409
1Veritas
2Netbackup
Netbackup Appliance
May 13, 2026
Mar 2, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access.