CVE-2022-45461

The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root.

Published: Nov 17, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-45461
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
veritas / netbackup	-	10.1.x

https://www.veritas.com/content/support/en_US/security/VTS22-015

Vulnerability Database

289,599

CVE-2022-45461