CVE-2020-36161 - OpenCVE

An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\. A low privileged user can create a directory at the configuration file locations. When the Windows system restarts, a malicious OpenSSL engine could exploit arbitrary code execution as SYSTEM. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Veritas	Aptare It Analytics
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:-::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch1::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch2::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch3::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch4::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch5::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch6::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch7::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch8::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.5.00:-::::::
	cpe:2.3:a:veritas:aptare_it_analytics:10.5.00:patch1::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.veritas.com/content/support/en_US/security/VTS20-009	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-01-06T00:52:56

Updated: 2021-01-06T00:52:56

Reserved: 2021-01-06T00:00:00

Link: CVE-2020-36161

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-01-06T01:15:12.810

Modified: 2021-01-12T15:43:40.377

Link: CVE-2020-36161

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\\. A low privileged user can create a directory at the configuration file locations. When the Windows system restarts, a malicious OpenSSL engine could exploit arbitrary code execution as SYSTEM. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T00:52:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.veritas.com/content/support/en_US/security/VTS20-009"}], "x_ConverterErrors": {"cvssV3_1": {"error": "CVSSV3_1 data from v4 record is invalid", "message": "Missing mandatory metrics \"AV\""}}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-36161", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\\. A low privileged user can create a directory at the configuration file locations. When the Windows system restarts, a malicious OpenSSL engine could exploit arbitrary code execution as SYSTEM. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/A:H/C:H/I:H/PR:N/S:C/UI:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.veritas.com/content/support/en_US/security/VTS20-009", "refsource": "MISC", "url": "https://www.veritas.com/content/support/en_US/security/VTS20-009"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-36161", "datePublished": "2021-01-06T00:52:56", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2021-01-06T00:52:56", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:-:*:*:*:*:*:*", "matchCriteriaId": "3F214244-BD54-4579-81B3-F9B508861BFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch1:*:*:*:*:*:*", "matchCriteriaId": "07BDFC9E-1D04-4EF2-B93A-4D25FA78FD8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch2:*:*:*:*:*:*", "matchCriteriaId": "681F88EB-9059-4FAA-98D9-83D936CCC292", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch3:*:*:*:*:*:*", "matchCriteriaId": "50F4195B-C03C-49F3-801F-A7B6E4E382B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch4:*:*:*:*:*:*", "matchCriteriaId": "F02D93EE-671D-4BE7-B6D5-FD74F483893A", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch5:*:*:*:*:*:*", "matchCriteriaId": "7D867DAF-F441-48B2-A77A-380BE0DF151B", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch6:*:*:*:*:*:*", "matchCriteriaId": "FE3EC431-0A78-42E4-900E-D19FEA8C12FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch7:*:*:*:*:*:*", "matchCriteriaId": "CB25E6DF-822F-40C9-BC19-BC65F2343E7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.4.00:patch8:*:*:*:*:*:*", "matchCriteriaId": "124313FD-7198-46F2-9AE4-97421E79E715", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.5.00:-:*:*:*:*:*:*", "matchCriteriaId": "EC4CE343-9FF2-437C-9EEA-586C2F9D8472", "vulnerable": true}, {"criteria": "cpe:2.3:a:veritas:aptare_it_analytics:10.5.00:patch1:*:*:*:*:*:*", "matchCriteriaId": "C000D745-8C9D-43EC-9386-625CE618AA46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\\. A low privileged user can create a directory at the configuration file locations. When the Windows system restarts, a malicious OpenSSL engine could exploit arbitrary code execution as SYSTEM. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Veritas APTARE versiones 10.4 anteriores a 10.4P9 y versiones 10.5 anteriores a 10.5P3. Por defecto, en los sistemas Windows, los usuarios pueden crear directorios en C:\\. Un usuario poco privilegiado puede crear un directorio en las ubicaciones del archivo de configuraci\u00f3n. Cuando se reinicia el sistema Windows, un motor OpenSSL malicioso podr\u00eda explotar una ejecuci\u00f3n de c\u00f3digo arbitraria como SYSTEM. Esto le otorga al atacante acceso de administrador al sistema, permitiendo al atacante (por defecto) acceder a todos los datos, acceder a todas las aplicaciones instaladas, etc"}], "id": "CVE-2020-36161", "lastModified": "2021-01-12T15:43:40.377", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-06T01:15:12.810", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.veritas.com/content/support/en_US/security/VTS20-009"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}