CVE-2022-36954

CRITICAL

Veritas NetBackup OpsCenter <10 - Privilege Escalation

Title source: llm

Description

In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.

References (1)

[Vendor Advisory] https://www.veritas.com/content/support/en_US/security/VTS22-009#Issue1

Scores

CVSS v3 9.9

EPSS 0.0032

EPSS Percentile 54.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Classification

Status published

Affected Products (3)

veritas/netbackup < 8.3.0.2

veritas/netbackup

Timeline

Published Jul 27, 2022

Tracked Since Feb 18, 2026