Question 1

What is CVE-2022-42307 — CVE-2022-42307?

Accepted Answer

An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.

Question 2

What is the authoritative source for CVE-2022-42307?

Accepted Answer

CVE-2022-42307 (CVE-2022-42307) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	5.3 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS	0.52% probability of exploitation · percentile 39.8% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-42307CVE-2022-42307

Description

Scoring