Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.
References
Link | Resource |
---|---|
https://www.veritas.com/content/support/en_US/security/VTS21-002 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-09-23 05:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-41320
Mitre link : CVE-2022-41320
CVE.ORG link : CVE-2022-41320
JSON object : View
Products Affected
veritas
- system_recovery
CWE
CWE-922
Insecure Storage of Sensitive Information