CVEDB API

Vulnerabilities

Vulnerable Software

Veritas: >> Resiliency Platform >> 2.1 Security Vulnerabilities

CVE-2019-14415

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to.

CVSS Score

5.9

EPSS Score

0.004

Published

2019-07-29

CVE-2019-14416

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality.

CVSS Score

7.2

EPSS Score

0.011

Published

2019-07-29

CVE-2019-14417

CVSS Score

7.2

EPSS Score

0.005

Published

2019-07-29

CVE-2019-14418

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.

CVSS Score

9.1

EPSS Score

0.052

Published

2019-07-29

Page 1

Vulnerabilities

Vulnerable Software

Veritas: >> Resiliency Platform >> 2.1 Security Vulnerabilities

Products

Pricing

Contact Us