1 results (0.004 seconds)
CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0
CVE-2020-36162
https://notcve.org/view.php?id=CVE-2020-36162
An issue was discovered in Veritas CloudPoint before 8.3.0.1+hotfix. The CloudPoint Windows Agent leverages OpenSSL. This OpenSSL library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems users can create directories under <drive>:\. A low privileged user can create a <drive>:\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine, which may result in arbitrary code execution. • https://www.veritas.com/content/support/en_US/security/VTS20-011 •