CVE-2022-36998

MEDIUM

Veritas NetBackup 8.1.x-8.1.2, 8.2, 8.3.x-8.3.0.2, 9.x-9.0.0.1, 9.1.x-9.1.0.1 - DoS via Stack Overflow

Title source: llm
STIX 2.1

Description

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

References (1)

Core 1
Core References

Scores

CVSS v3 6.3
EPSS 0.0058
EPSS Percentile 43.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (27)
veritas/flex_appliance 1.2
veritas/flex_appliance 1.3
veritas/flex_appliance 2.0
veritas/flex_appliance 2.0.1
veritas/flex_appliance 2.0.2
veritas/flex_appliance 2.1
veritas/flex_scale 1.3.1
veritas/flex_scale 2.1
veritas/netbackup 8.1.1
veritas/netbackup 8.1.2
... and 17 more
Published Jul 28, 2022
Tracked Since Feb 18, 2026