An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.
References
Link | Resource |
---|---|
https://www.veritas.com/content/support/en_US/security/VTS22-012#M2 | Patch Vendor Advisory |
https://www.veritas.com/content/support/en_US/security/VTS22-012#M2 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 07:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | () https://www.veritas.com/content/support/en_US/security/VTS22-012#M2 - Patch, Vendor Advisory |
Information
Published : 2022-10-03 15:15
Updated : 2024-11-21 07:24
NVD link : CVE-2022-42307
Mitre link : CVE-2022-42307
CVE.ORG link : CVE-2022-42307
JSON object : View
Products Affected
veritas
- netbackup
CWE
CWE-611
Improper Restriction of XML External Entity Reference