2698 matches found
CVE-2021-27877
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this schem...
CVE-2021-27877
CVE-2021-27877 affects Veritas Backup Exec before 21.2, where SHA authentication remains supported but not disabled. This allows a remote attacker to gain unauthorized access to a Backup Exec Agent and execute privileged commands. The vulnerability excerpt notes the issue is exploitable over the ...
CVE-2021-27877
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this schem...
CVE-2021-27878
CVE-2021-27878 affects Veritas Backup Exec Remote Agent before 21.2. A flaw in the SHA authentication scheme lets an attacker bypass auth to issue data-management commands and execute arbitrary OS/system commands with high impact on the affected host. The issue is documented across multiple sourc...
CVE-2021-27878
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2021-27878
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2021-27876
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2021-27876
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2021-27876
CVE-2021-27876 affects Veritas Backup Exec (BE) Remote Agent/BE Agent prior to 21.2. The SHA-authentication vulnerability allows an attacker to bypass authentication, issue data-management commands on an authenticated channel, and access arbitrary files on the BE Agent system with SYSTEM/root pri...
Veritas Backup Exec 安全漏洞
Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...
PT-2021-7746
Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description A flaw exists in Veritas Backup Exec related to weaknesses in the authentication process when using the SHA cryptographic algorithm. This allows a remote attacker to gain unauthorized acce...
CVE-2021-27878
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
Veritas Backup Exec 安全漏洞
Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...
Veritas Backup Exec 安全漏洞
Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...
PT-2021-7748
Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description An issue exists in Veritas Backup Exec related to flaws in the SHA authentication scheme. This can allow an attacker to gain unauthorized access and complete the authentication process...
PT-2021-7747
Name of the Vulnerable Software and Affected Versions Veritas Backup Exec versions prior to 21.2 Description The software exhibits an improper authentication issue related to the SHA cryptographic algorithm. The authentication scheme is no longer used in current versions of the product but had no...
CVE-2021-27876
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2021-27877
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn’t yet been disabled. An attacker could remotely exploit this schem...
CVE-2019-25022
An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime.exec without validation...
Command Injection
theme-core is vulnerable to command injection. An attacker may inject malicious command via the lib/utils.js. The vulnerability exists due to the insecure usage of the exec function with unsanitized values...