Revision History

  • 1.0: December 23, 2020: Initial version
  • 1.1: January 8, 2021: Added CVE ID


The Veritas Desktop and Laptop Option (DLO) 9.5 application contains a fix to a security issue. It is recommended that Veritas customers update DLO software to the latest 9.5 release.


Information Disclosure
CVE ID: CVE-2020-36159
Severity: Medium
CVSS v3.1 Base Score 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

The Desktop and Laptop Option (DLO) application prior to version 9.5 disclosed operational information on the backup processing status through a URL which did not require authentication.


Veritas would like to thank Muhammed Kılıç of Biznet Bilişim for responsibly reporting this vulnerability to us.