CVE-2022-36990 Information

Description

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2 8.2 8.3.x through 8.3.0.2 9.x through 9.0.0.1 and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.

Reference

https://www.veritas.com/content/support/en_US/security/VTS22-004#c2