CVE-2019-14418 - OpenCVE

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Veritas	Resiliency Platform

Configuration 1 [-]

OR	cpe:2.3:a:veritas:resiliency_platform:1.2:::::::*
	cpe:2.3:a:veritas:resiliency_platform:2.0:::::::*
	cpe:2.3:a:veritas:resiliency_platform:2.1:::::::*
	cpe:2.3:a:veritas:resiliency_platform:2.2:::::::*
	cpe:2.3:a:veritas:resiliency_platform:2.2:update_3::::::
	cpe:2.3:a:veritas:resiliency_platform:3.0:::::::*
	cpe:2.3:a:veritas:resiliency_platform:3.1:::::::*
	cpe:2.3:a:veritas:resiliency_platform:3.2:::::::*
	cpe:2.3:a:veritas:resiliency_platform:3.3:::::::*
	cpe:2.3:a:veritas:resiliency_platform:3.3.1:::::::*
	cpe:2.3:a:veritas:resiliency_platform:3.3.2:::::::*

References

Link	Resource
http://packetstormsecurity.com/files/153842/Veritas-Resiliency-Platform-VRP-Traversal-Command-Execution.html	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2019/Jul/39	Broken Link Mailing List Third Party Advisory
https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-29T19:06:17

Updated: 2019-07-31T21:06:09

Reserved: 2019-07-29T00:00:00

Link: CVE-2019-14418

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-07-29T20:15:12.453

Modified: 2023-03-03T19:15:43.607

Link: CVE-2019-14418

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-31T21:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1"}, {"name": "20190730 VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP)", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2019/Jul/39"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/153842/Veritas-Resiliency-Platform-VRP-Traversal-Command-Execution.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14418", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:C/UI:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1", "refsource": "MISC", "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1"}, {"name": "20190730 VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP)", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jul/39"}, {"name": "http://packetstormsecurity.com/files/153842/Veritas-Resiliency-Platform-VRP-Traversal-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153842/Veritas-Resiliency-Platform-VRP-Traversal-Command-Execution.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14418", "datePublished": "2019-07-29T19:06:17", "dateReserved": "2019-07-29T00:00:00", "dateUpdated": "2019-07-31T21:06:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:veritas:resiliency_platform:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "AC19EBD5-492F-4A80-8F00-3B2B7BFBEE4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "654E26B2-7F5A-47BA-9CFA-028896976DFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "265B7FDA-A146-4CB7-B230-25CBBD6D2A8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9158833A-85AF-41B0-9552-6B1FB771EE02", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:2.2:update_3:*:*:*:*:*:*", "matchCriteriaId": "134E28FA-D293-48F9-BD42-C0A0CCA9F6F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "41BC5DEF-D0AA-491C-BEFB-2C7EB42C64B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AA91579-BB67-4254-A9A0-5C646F932F16", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "9354073F-B0D8-4843-8DF7-3D70B0546627", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2D58398B-5F33-46F3-BD74-36E84503CC4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "5BF412FA-A2A3-4176-897A-D67E0AB98BBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:resiliency_platform:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3AB0F86E-D59C-4A5B-8FE4-EA32DDDFA2F6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Veritas Resiliencia Platform (VRP) anterior a versi\u00f3n 3.4 HF1. Cuando se carga un paquete de aplicaciones, una vulnerabilidad de salto de directorio permite a un usuario de VRP, con privilegios suficientes, sobrescribir cualquier archivo en la m\u00e1quina virtual de VRP. Un usuario de VRP malicioso podr\u00eda usar esto para reemplazar los archivos existentes y tomar el control de la m\u00e1quina virtual de VRP."}], "id": "CVE-2019-14418", "lastModified": "2023-03-03T19:15:43.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "cve@mitre.org", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-29T20:15:12.453", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/153842/Veritas-Resiliency-Platform-VRP-Traversal-Command-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Jul/39"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.veritas.com/content/support/en_US/security/VTS19-002.html#Issue1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}