Severity
Critical
Description
Security research has disclosed that there is an arbitrary command injection vulnerability that affects multiple Veritas products.
What we know
This vulnerability allows an unauthenticated remote attacker to execute arbitrary commands as root. The following Veritas products are known to be affected:
·
Veritas InfoScale and Related Products (InfoScale Availability, InfoScale Enterprise, Cluster Server and Storage Foundation HA) when using VCS in non-secure mode
·
Flex Appliance
·
Access and Access Appliance
No other Veritas products are believed to be affected by this issue.
Veritas will communicate any new and updated information as soon as we discover and verify the information. Questions and comments are welcomed and should be directed to Veritas Support.
Action Required
Please refer to the Master Advisory for more details on the security advisory and recommended action.
Further information and patch download links here: VTS19-003
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.