CVE-2022-46411

HIGH

Veritas NetBackup <3.0-8.0.100 - Privilege Escalation

Title source: llm

Description

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.

References (1)

Core 1

Core References

Vendor Advisory

https://www.veritas.com/content/support/en_US/security/VTS22-019#issue3

Scores

CVSS v3 8.8

EPSS 0.0057

EPSS Percentile 42.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-287

Status published

Products (2)

veritas/access_appliance < 8.0.100

veritas/netbackup_flex_scale_appliance < 3.0

Published Dec 04, 2022

Tracked Since Feb 18, 2026