Second-Order SQL Injection Vulnerability in Veritas NetBackup Primary Server (CVE-2022-42302)

Second-Order SQL Injection Vulnerability in Veritas NetBackup Primary Server (CVE-2022-42302)

CVE-2022-42303 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.