Veritas Security Vulnerability Statement on InfoScale and Related Products

Veritas Security Vulnerability Statement on InfoScale and Related Products

Article: 100046581
Last Published: 2019-11-05
Ratings: 1 3
Product(s): Access, InfoScale & Storage Foundation, Appliances

Severity

Critical

Description

Security research has disclosed that there is an arbitrary command injection vulnerability that affects multiple Veritas products.

What we know

This vulnerability allows an unauthenticated remote attacker to execute arbitrary commands as root.  The following Veritas products are known to be affected:

·        Veritas InfoScale and Related Products (InfoScale Availability, InfoScale Enterprise, Cluster Server and Storage Foundation HA) when using VCS in non-secure mode

·        Flex Appliance

·        Access and Access Appliance

No other Veritas products are believed to be affected by this issue.

Veritas will communicate any new and updated information as soon as we discover and verify the information.  Questions and comments are welcomed and should be directed to Veritas Support.

Action Required

Please refer to the Master Advisory for more details on the security advisory and recommended action.

 

Was this content helpful?