Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.
References
Link | Resource |
---|---|
https://www.veritas.com/content/support/en_US/security/VTS21-002 | Vendor Advisory |
https://www.veritas.com/content/support/en_US/security/VTS21-002 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.veritas.com/content/support/en_US/security/VTS21-002 - Vendor Advisory |
Information
Published : 2022-09-23 05:15
Updated : 2024-11-21 07:23
NVD link : CVE-2022-41320
Mitre link : CVE-2022-41320
CVE.ORG link : CVE-2022-41320
JSON object : View
Products Affected
veritas
- system_recovery
CWE
CWE-922
Insecure Storage of Sensitive Information