Veritas Flex Scale

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Veritas Flex Scale.

By the Year

In 2026 there have been 0 vulnerabilities in Veritas Flex Scale. Flex Scale did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	0	0.00
2024	0	0.00
2023	0	0.00
2022	17	7.32

It may take a day or so for new Flex Scale vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Veritas Flex Scale Security Vulnerabilities

Veritas NetBackup 8.1-9.1 Auth RCE via Client Notify
CVE-2022-36992 8.8 - High - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions).

Veritas NetBackup 8.x-9.x Authenticated Client DoS on Primary
CVE-2022-36984 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server.

Veritas NetBackup Windows Local Privilege Escalation (CVE-2022-36985)
CVE-2022-36985 7.8 - High - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges.

Veritas NetBackup RCE via Unauth Access (8.1-9.1.0.1)
CVE-2022-36986 9.8 - Critical - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server.

Veritas NetBackup <=9.1.0.1 Arbitrary File Write via Authenticated Client
CVE-2022-36987 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.

Veritas NetBackup RCE on Primary/Media 8.1-9.1 (Auth.)
CVE-2022-36988 8.8 - High - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server.

Veritas NetBackup RCE (8.1.x-9.1.0.1) via Authenticated Client
CVE-2022-36989 8.8 - High - July 28, 2022

Veritas NB 8.19.1 RFW via Authed Client
CVE-2022-36990 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.

Veritas NetBackup 8.1-9.1.x Authenticated Client Arbitrary File Write
CVE-2022-36991 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server.

Veritas NetBackup 8.19.1.x Authenticated Remote File Read (RFR)
CVE-2022-37000 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

Veritas NetBackup 8.1.x-9.1.0.1 Authenticated Client Remote Cmd Exec
CVE-2022-36993 8.8 - High - July 28, 2022

Veritas NetBackup 8.1-9.1 Arbitrary File Read via Authenticated Client
CVE-2022-36994 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily read files from a NetBackup Primary server.

Veritas NetBackup 8.19.1: Client Can Create Directories on Primary
CVE-2022-36995 4.3 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server.

Veritas NetBackup Client Data Disclosure - 8.1.x-9.1.0.1
CVE-2022-36996 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with access to a NetBackup Client could remotely gather information about any host known to a NetBackup Primary server.

Veritas NetBackup 8.x-9.x Client SSRF & Arbitrary File Read (CVE-2022-36997)
CVE-2022-36997 8.8 - High - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.

SSRF

Stack Buffer Overflow Vulnerability in Veritas NetBackup <=9.1.0.1 on Client
CVE-2022-36998 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

Memory Corruption

Remote File Read in Veritas NetBackup 8.1-9.1 (Client Auth)
CVE-2022-36999 6.5 - Medium - July 28, 2022

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Veritas Flex Scale or by Veritas? Click the Watch button to subscribe.

Veritas
Vendor

Veritas Flex Scale
Product

Veritas Flex Scale

Don't miss out!

By the Year

Recent Veritas Flex Scale Security Vulnerabilities

Veritas NetBackup 8.1-9.1 Auth RCE via Client Notify CVE-2022-36992 8.8 - High - July 28, 2022

Veritas NetBackup 8.x-9.x Authenticated Client DoS on Primary CVE-2022-36984 6.5 - Medium - July 28, 2022

Veritas NetBackup Windows Local Privilege Escalation (CVE-2022-36985) CVE-2022-36985 7.8 - High - July 28, 2022

Veritas NetBackup RCE via Unauth Access (8.1-9.1.0.1) CVE-2022-36986 9.8 - Critical - July 28, 2022

Veritas NetBackup <=9.1.0.1 Arbitrary File Write via Authenticated Client CVE-2022-36987 6.5 - Medium - July 28, 2022

Veritas NetBackup RCE on Primary/Media 8.1-9.1 (Auth.) CVE-2022-36988 8.8 - High - July 28, 2022

Veritas NetBackup RCE (8.1.x-9.1.0.1) via Authenticated Client CVE-2022-36989 8.8 - High - July 28, 2022

Veritas NB 8.19.1 RFW via Authed Client CVE-2022-36990 6.5 - Medium - July 28, 2022

Veritas NetBackup 8.1-9.1.x Authenticated Client Arbitrary File Write CVE-2022-36991 6.5 - Medium - July 28, 2022

Veritas NetBackup 8.19.1.x Authenticated Remote File Read (RFR) CVE-2022-37000 6.5 - Medium - July 28, 2022

Veritas NetBackup 8.1.x-9.1.0.1 Authenticated Client Remote Cmd Exec CVE-2022-36993 8.8 - High - July 28, 2022

Veritas NetBackup 8.1-9.1 Arbitrary File Read via Authenticated Client CVE-2022-36994 6.5 - Medium - July 28, 2022

Veritas NetBackup 8.19.1: Client Can Create Directories on Primary CVE-2022-36995 4.3 - Medium - July 28, 2022

Veritas NetBackup Client Data Disclosure - 8.1.x-9.1.0.1 CVE-2022-36996 6.5 - Medium - July 28, 2022

Veritas NetBackup 8.x-9.x Client SSRF & Arbitrary File Read (CVE-2022-36997) CVE-2022-36997 8.8 - High - July 28, 2022

Stack Buffer Overflow Vulnerability in Veritas NetBackup <=9.1.0.1 on Client CVE-2022-36998 6.5 - Medium - July 28, 2022

Remote File Read in Veritas NetBackup 8.1-9.1 (Client Auth) CVE-2022-36999 6.5 - Medium - July 28, 2022