CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36166
https://notcve.org/view.php?id=CVE-2020-36166
06 Jan 2021 — An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager (aka VIOM) Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which may not exist. On Windows systems, this path could translate to
CVSS: 10.0EPSS: 6%CPEs: 11EXPL: 0CVE-2019-18780
https://notcve.org/view.php?id=CVE-2019-18780
05 Nov 2019 — An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, St... • https://www.veritas.com/content/support/en_US/security/VTS19-003 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2007-4516
https://notcve.org/view.php?id=CVE-2007-4516
21 Feb 2008 — The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets. Volume Manager Scheduler Service (también conocido como VxSchedService.exe) de Symantec Veritas Storage Foundation 5.0 para Windows permite a atacantes remotos provocar una denegación de servicio (cuelgue o caída del demonio) a través de paquetes malformados. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=665 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 2CVE-2005-3566 – Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow
https://notcve.org/view.php?id=CVE-2005-3566
16 Nov 2005 — Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew. • https://www.exploit-db.com/exploits/1316 •