VERITAS / ARCTERA SECURITY ALERTS

Security Alerts

2025

VTS25-009 – CISA Known Exploited Vulnerability: Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability

June 24 | ATTN: Veritas

ARC25-007 – Desktop Laptop Option (DLO) Apache HTTP Server and Tomcat Vulnerabilities

May 28 | ATTN: Arctera

VTS25-008 – CISA Known Exploited Vulnerability: Apache HTTP Server Improper Escaping of Output Vulnerability

May 15 | ATTN: Veritas

ARC25-006 – Data Insight Cleartext Password Vulnerability

Apr 15 | ATTN: Arctera

VTS25-007 – CISA Known Exploited Vulnerability: Apache Tomcat Path Equivalence Vulnerability

Apr 15 | ATTN: Veritas

ARC25-005 – eDiscovery Platform Cleartext Password on Command Line Vulnerability

Apr 14 | ATTN: Arctera

VTS25-006 – Ingress NGINX Unauthenticated Remote Code Execution

Apr 8 | ATTN: Veritas

VTS25-005 – CISA Known Exploited Vulnerability: Linux Kernel Use of Uninitialized Resource

Apr 8 | ATTN: Veritas

ARC25-004 : Arctera InfoScale Operations Manager PostgreSQL Vulnerability

March 19 | ATTN: Arctera

ARC25-003 : Veritas Quick Assist 7-Zip Vulnerability

March 12 | ATTN: Arctera

ARC25-002 : InfoScale Windows .Net Remoting Insecure Deserialization Vulnerability

Feb 28 | ATTN: Arctera

VTS25-004 : CISA Known Exploited Vulnerability: 7-Zip Mark-of-the-Web Bypass Vulnerability

Feb 18 | ATTN: Veritas

VTS25-003 : CISA Known Exploited Vulnerability: .NET Framework Vulnerability

Feb 18 | ATTN: Veritas

VTS25-002 : CISA Known Exploited Vulnerability: Linux Kernel Out of Bounds Write Vulnerability

Feb 18 | ATTN: Veritas

VTS25-001 : CISA Known Exploited Vulnerability: jQuery Cross-Site Scripting Vulnerability

Jan 30 | ATTN: Veritas

ARC25-001 : CISA KEV jQuery Cross-Site Scripting (XSS) Vulnerability

Jan 29 | ATTN: Arctera

2024

ARC24-001 : Data Insight SQL Injection (SQLi) Vulnerability

Dec 16 | ATTN: Arctera

VTS24-014 : Remote Code Execution Vulnerabilities in Veritas Enterprise Vault

Nov 15 | ATTN: Arctera

VTS24-013 : Cross-Site Scripting Vulnerabilities in Veritas Enterprise Vault

Nov 12 | ATTN: Arctera

VTS24-012 : Security Advisory affecting NetBackup on Windows

Nov 04 | ATTN: Veritas

VTS24-011 : Remote Code Execution Zero-Day Vulnerabilities found in Unix CUPS Printing System

Sep 30 | ATTN: Arctera / Veritas

VTS24-010 : Veritas Data Insight Reflected Cross Site Scripting (XSS) Vulnerability

Sep 25 | ATTN: Arctera

VTS24-009 : Security Advisory affecting NetBackup Flex Scale Appliance

Sep 17 | ATTN: Veritas

VTS24-008 : OpenSSH Unauthenticated Remote Code Execution

July 03 | ATTN: Arctera / Veritas

VTS24-007 : Security Advisory affecting Access Appliance

July 01 | ATTN: Veritas

VTS24-006 : CISA Known Exploited Vulnerability: Linux Kernel Use-After-Free Vulnerability

June 06 | ATTN: Veritas

VTS24-005 : Veritas System Recovery Arbitrary File Creation Vulnerability

May 07 | ATTN: Arctera 

VTS24-004 : Veritas Alta Recovery Vault Accelerated Delete Vulnerability

May 01 | ATTN: Arctera

VTS24-001: Security Advisory affecting NetBackup on Windows

April 15 | ATTN: Veritas

VTS24-002: Security Advisory affecting Backup Exec

April 15 | ATTN: Arctera

VTS24-003: Linux XZ Utils Notification

April 15 | ATTN: Arctera / Veritas

VTS23-020: Veritas eDiscovery Platform File Upload Vulnerability

Feb 12 | ATTN: Arctera

2023

VTS23-019: Apache Struts 2 – (CVE-2023-50164)

Dec 13 | ATTN: Arctera / Veritas

VTS23-018: LogoFAIL – Vulnerabilities in Unified Extensible Firmware Interfaces

Dec 07 | ATTN: Arctera / Veritas

VTS23-017: CISA KEV GNU C Library (CVE-2023-4911)

Nov 29 | ATTN: Arctera / Veritas

VTS23-016: Service Level Protocol (CVE-2023-29552)

Nov 09 | ATTN: Arctera / Veritas

VTS23-015: CISA KEV Apache ActiveMQ (CVE-2023-46604)

Nov 03 | ATTN: Arctera / Veritas

VTS23-014: HTTP/2 Vulnerability (CVE-2023-44487)

Oct 12 | ATTN: Arctera / Veritas

VTS23-013: Curl and Libcurl notification (CVE-2023-38545 and CVE-2023-38546)

Oct 11 | ATTN: Arctera / Veritas

VTS23-012: Veritas NetBackup IT Analytics: Multiple Vulnerabilities in Infinidat Data Collectors

Aug 03 | ATTN: Veritas

VTS23-011: NetBackup Snapshot Manager RabbitMQ Authentication Bypass Vulnerability

July 26 | ATTN: Veritas

VTS23-008: Apache Shiro CVE-2022-40644 Security Advisory

July 18 | ATTN: Veritas

VTS23-010: Remote Code Execution Vulnerability Impacting NetBackup Servers and Clients

July 18 | ATTN: Veritas

VTS23-009: Veritas InfoScale Operations Manager (VIOM) Command Execution via Insecure File Upload Security Advisory

July 12 | ATTN: Arctera

VTS23-007: Veritas InfoScale Operations Manager (VIOM) Security Advisory

May 02 | ATTN: Arctera

VTS23-006: Security Advisory Impacting NetBackup Windows OS Primary Servers, Media Servers and Clients

Apr 28 | ATTN: Veritas

VTS23-005: CISA XStream Notification

Mar 29 | ATTN: Veritas

VTS23-004: Security Advisory Impacting NetBackup Appliance

Mar 23 | ATTN: Veritas

VTS23-002: Unsigned File Vulnerability in NetBackup IT Analytics

Mar 21 | ATTN: Veritas

VTS23-003: Security Advisory Impacting NetBackup Master Server

Mar 17 | ATTN: Veritas

VTS23-001: Trusted Computing Group (TCG)’s TPM2.0 Implementation

Mar 03 | ATTN: Arctera / Veritas

2022

VTS22-019: Hotfix for Security Advisory Impacting NetBackup Flex Scale and Access Appliance

Nov 30

VTS22-015: Hotfix for Security Advisory Impacting NetBackup Java Admin Console

Nov 15

VTS22-017: Text4Shell Notification

Nov 02

VTS22-016: OpenSSL 3.x.x Notification

Nov 02

Hotfix for Security Advisory Impacting NetBackup Servers

Sep 26

Hotfix for Security Advisory Impacting NetBackup Servers and Clients

Sep 26

Hotfix for Security Advisory Impacting NetBackup Servers

Sep 26

Hotfix for Security Advisory Impacting NetBackup Clients and Servers

Sep 26

Reflected Cross-Site Scripting (XSS) Vulnerability in Veritas Desktop Laptop Option (DLO)

Sep 05

HotFix for Security Advisory Impacting NetBackup Client

July 18

HotFix for Security Advisory Impacting NetBackup – Primary/Media Server

July 18

HotFix for Security Advisory Impacting NetBackup OpsCenter

July 13

Cross-Site Scripting vulnerability for Veritas NetBackup OpsCenter and OpsCenter Analytics

Apr 12

Spring Framework Vulnerability (CVE-2022-22965) in Veritas Products

Apr 01

H2 Database Engine Vulnerability

Mar 04

InfoScale VIOM Security Advisory

Feb 28

Samba CVE-2021-44142 Vulnerability

Feb 09

2021

Apache Log4j Vulnerability

Dec 13

VTS21-003: Remote Code Execution Vulnerabilities in Veritas Enterprise Vault

Nov 16

VTS21-002: Sensitive Information Disclosure Vulnerability in Veritas System Recovery

Sept 07

VTS21-001: Veritas Backup Exec version 21.2

Mar 01

2020

VTS20-017: Veritas System Recovery

Dec 23

VTS20-016: NetBackup and OpsCenter Advisory

Dec 23

VTS20-015: Veritas Resiliency Platform OpenSSL Advisory

Dec 23

VTS20-014: InfoScale OpenSSL advisory

Dec 23

VTS20-013: Enterprise Vault OpenSSL advisory

Dec 23

VTS20-012: Desktop and Laptop Option OpenSSL advisory

Dec 23

VTS20-011: CloudPoint OpenSSL advisory

Dec 23

VTS20-010: Backup Exec OpenSSL advisory

Dec 23

VTS20-009: APTARE OpenSSL advisory

Dec 23

VTS20-008: Master advisory for OpenSSL issue

Dec 23

VTS20-007: Information Disclosure in Desktop Laptop Option (DLO)

Dec 23

VTS20-006: Security Advisory for APTARE 10.5

Oct 14

VTS20-005: BootHole

Aug 06

VTS20-004: Ripple20 Vulnerabilities

July 08

VTS20-003: Security Advisory for APTARE 10.4

May 11

VTS20-002: BE WinCrypto Advisory

Mar 05

VTS20-001: VSR WinCrypto

Feb 28

2019

VTS19-001: Multiple Vulnerabilities in NetBackup Appliance

Mar 18

VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP)

Jul 29

VTS19-003: Arbitrary Command Injection Vulnerability in Veritas InfoScale and Related Products

Nov 05

VTS19-004: Arbitrary Command Injection Vulnerability in Veritas Flex Appliance

Nov 05

VTS19-005: Arbitrary Command Injection Vulnerability in Veritas Access and Access Appliance

Nov 05

VTS19-006: Arbitrary Command Injection Vulnerability in Multiple Veritas Products

Nov 05

2018

VTS18-001: Meltdown, Spectre and Spectre-NG

Jan 18

VTS18-002: Vulnerability in Enterprise Vault.cloud

Oct 09

VTS18-003: Remote command execution vulnerability in NetBackup Appliance

Oct 26

2017

VTS17-001: Vulnerability in Veritas System Recovery

Apr 03

VTS17-003: Multiple Vulnerabilities in Veritas NetBackup and NetBackup Appliance

Feb 27

VTS17-004: Multiple Vulnerabilities in Veritas NetBackup and NetBackup Appliance

May 07

VTS17-005: Remote Command Execution Vulnerability in Veritas NetBackup Appliance

May 07

VTS17-006: Use-After-Free Vulnerability in Multiple Veritas Backup Exec Agents

May 10

2016

VTS16-001: NetBackup Remote Access Vulnerabilities

Apr 26

VTS16-002:NetBackup Appliance Arbitrary Command Execution Vulnerability

Oct 04