Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-14418

Опубликовано: 29 июл. 2019
Источник: nvd
CVSS3: 9.1
CVSS3: 8.8
CVSS2: 6.5
EPSS Низкий

Описание

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:veritas:resiliency_platform:1.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:2.0:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:2.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:2.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:2.2:update_3:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.0:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.2:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.3:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:veritas:resiliency_platform:3.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04995
Низкий

9.1 Critical

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-wx4h-f449-qcp9

CVSS3: 8.8
github
больше 3 лет назад

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.

EPSS

Процентиль: 89%
0.04995
Низкий

9.1 Critical

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-22