Описание
Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 18.0 (включая) до 18.0.4.57090 (исключая)Версия от 21 (включая) до 21.0.3.62140 (исключая)
Одно из
cpe:2.3:a:veritas:system_recovery:*:*:*:*:*:*:*:*
cpe:2.3:a:veritas:system_recovery:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00326
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-922
CWE-922
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.
EPSS
Процентиль: 55%
0.00326
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-922
CWE-922