Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the targeted user account.
References
Link | Resource |
---|---|
https://www.veritas.com/content/support/en_US/security/VTS20-006#issue2 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-15T04:33:50
Updated: 2020-10-15T04:33:50
Reserved: 2020-10-15T00:00:00
Link: CVE-2020-27157
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-10-15T05:15:12.337
Modified: 2020-10-20T15:49:15.157
Link: CVE-2020-27157
JSON object: View
Redhat Information
No data.
CWE