
CVSS: 9.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, which may not exist. On Windows systems, this path could translate to <drive>:\usr\local\ssl\openssl.cnf. A low-privileged user can create a :\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine, resulting in arbitrary code execution as SYSTEM when the service starts. • https://www.kb.cert.org/vuls/id/429301 • https://www.veritas.com/content/support/en_US/security/VTS20-010 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 9.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

An issue was discovered in Veritas Resiliency Platform 3.4 and 3.5. It leverages OpenSSL on Windows systems when using the Managed Host addon. On start-up, it loads the OpenSSL library. This library may attempt to load the openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories under C:\. • https://www.veritas.com/content/support/en_US/security/VTS20-015

CVSS: 9.3 • EPSS: 0% • CPEs: 3 • EXPL: 0

An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under the top level of any drive. If a low-privileged user creates an affected path with a library that the Veritas product attempts to load, they can execute arbitrary code as SYSTEM or Administrator. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc. • https://www.veritas.com/content/support/en_US/security/VTS20-016#Issue1

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication. • https://www.veritas.com/content/support/en_US/security/VTS20-007

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Veritas APTARE versions prior to 10.5 did not perform adequate authorization checks. This vulnerability could allow for remote code execution by an unauthenticated user. • https://www.veritas.com/content/support/en_US/security/VTS20-006#issue1 • CWE-863: Incorrect Authorization