CVE-2024-28222

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 7, 2024

Summary

CVE-2024-28222 is a vulnerability affecting Veritas NetBackup versions below 8.1.2 and NetBackup Appliance versions below 3.1.2. It allows an unauthenticated attacker to exploit the inadequate file path validation in the BPCD process, enabling them to upload and execute custom files. This vulnerability poses a significant risk, as it can potentially be exploited to gain unauthorized access and execute malicious code on the targeted system. It is strongly recommended that affected organizations promptly apply the necessary patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share