Lucene search
K

337 matches found

Cvelist
Cvelist
added 2021/03/01 9:49 p.m.46 views

CVE-2021-27876

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

8.1CVSS8.7AI score0.13411EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2021/03/01 12:0 a.m.5 views

PT-2021-7746

Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description A flaw exists in Veritas Backup Exec related to weaknesses in the authentication process when using the SHA cryptographic algorithm. This allows a remote attacker to gain unauthorized acce...

9CVSS9.8AI score0.23952EPSS
Exploits4References17
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.12 views

Veritas Backup Exec 安全漏洞

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

9CVSS8.6AI score0.23952EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2021/03/01 12:0 a.m.5 views

PT-2021-7747

Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description The software exhibits an improper authentication issue related to the SHA cryptographic algorithm. The authentication scheme is no longer used in current versions of the product but remain...

9.8CVSS7.6AI score0.6491EPSS
Exploits5References27
ATTACKERKB
ATTACKERKB
added 2021/03/01 12:0 a.m.45 views

CVE-2021-27878

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

9CVSS9.7AI score0.23952EPSS
In wildExploits4References3
Positive Technologies
Positive Technologies
added 2021/03/01 12:0 a.m.4 views

PT-2021-7748

Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description An issue exists in Veritas Backup Exec related to flaws in the SHA authentication scheme. This can allow an attacker to gain unauthorized access and complete the authentication process...

8.5CVSS9.3AI score0.13411EPSS
Exploits4References18
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.4 views

Veritas Backup Exec 安全漏洞

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

9.8CVSS8.6AI score0.6491EPSS
Exploits5References4
ATTACKERKB
ATTACKERKB
added 2021/03/01 12:0 a.m.49 views

CVE-2021-27877

An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn’t yet been disabled. An attacker could remotely exploit this schem...

9.8CVSS9.2AI score0.6491EPSS
In wildExploits5References3
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.5 views

Veritas Backup Exec 安全漏洞

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

8.1CVSS8.5AI score0.13411EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2021/03/01 12:0 a.m.38 views

CVE-2021-27876

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

8.1CVSS9.3AI score0.13411EPSS
In wildExploits4References3
NVD
NVD
added 2021/01/06 1:15 a.m.29 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

9.3CVSS9.3AI score0.00462EPSS
Exploits0References2
OSV
OSV
added 2021/01/06 1:15 a.m.5 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

8.8CVSS6.3AI score0.00462EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/01/06 1:15 a.m.4 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

9.3CVSS6.3AI score0.00462EPSS
Exploits0References3
Prion
Prion
added 2021/01/06 1:15 a.m.26 views

Design/Logic Flaw

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

7.2CVSS8.7AI score0.00462EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/01/06 12:51 a.m.33 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

9.3CVSS9.3AI score0.00462EPSS
Exploits0References2
CVE
CVE
added 2021/01/06 12:51 a.m.93 views

CVE-2020-36167

Veritas Backup Exec (versions 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517) loads the OpenSSL library from the Installation folder at startup, which then reads /usr/local/ssl/openssl.cnf. If that file is missing or writable by a low-privilege user on Windows (e.g., C:\usr\local\...

9.3CVSS8.7AI score0.00462EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/01/05 12:0 a.m.7 views

Veritas Backup Exec Code Issue Vulnerability

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

9.3CVSS6.5AI score0.00462EPSS
Exploits0References4
NCSC
NCSC
added 2020/12/24 12:0 a.m.7 views

Vulnerabilities fixed in Veritas products

Vulnerabilities have been fixed in Veritas Backup Exec and Veritas NetBackup. The vulnerabilities allow a local attacker to to obtain elevated privileges. The vulnerability makes it possible for the attacker to execute arbitrary code under SYSTEM or administrator. The vulnerabilities rated by...

7.8CVSS7.8AI score0.00931EPSS
Exploits1
CERT
CERT
added 2020/12/23 12:0 a.m.155 views

Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create files. Description CVE-2019-1552 Veritas Backup Exec includes an OpenSSL component that specifies an OPENSSLD...

9.3CVSS6.3AI score0.00678EPSS
Exploits0References3
Prion
Prion
added 2018/02/19 7:29 p.m.14 views

Code injection

GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...

4.9CVSS6.7AI score0.00633EPSS
Exploits0References2Affected Software4
Rows per page
Query Builder