| Title | Veritas System Recovery における脆弱性 |
|---|---|
| Summary | Veritas System Recovery には、不特定の脆弱性が存在します。 |
| Possible impacts | 情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Dec. 23, 2020, midnight |
| Registration Date | Sept. 10, 2021, 6:07 p.m. |
| Last Update | Sept. 10, 2021, 6:07 p.m. |
| CVSS3.0 : 重要 | |
| Score | 8.8 |
|---|---|
| Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| CVSS2.0 : 危険 | |
| Score | 7.2 |
|---|---|
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| ベリタス |
| Veritas System Recovery 21.2 未満 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2021年09月10日] 掲載 |
Sept. 10, 2021, 6:07 p.m. |
| Summary | An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories under C:\. A low privileged user can create a C:\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine, resulting in arbitrary code execution as SYSTEM when the service starts. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data and installed applications, etc. If the system is also an Active Directory domain controller, then this can affect the entire domain. |
|---|---|
| Publication Date | Jan. 6, 2021, 10:15 a.m. |
| Registration Date | Jan. 26, 2021, 11:58 a.m. |
| Last Update | Nov. 21, 2024, 2:28 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:veritas:system_recovery:*:*:*:*:*:*:*:* | 21.2 | ||||
| execution environment | |||||
| 1 | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||||