Unrated severityNVD Advisory· Published Nov 5, 2019· Updated Aug 5, 2024

CVE-2019-18780

Description

An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, Storage Foundation HA (SFHA) 6.2.1 and earlier on Linux/UNIX, and Storage Foundation HA (SFHA) 6.1 and earlier on Windows.

Affected products

Veritas/InfoScaledescription
Symantec/Flex Appliancellm-create
Range: <=1.2
Symantec/Access Appliancellm-fuzzy
Range: <=7.4.2
Symantec/Cluster Serverllm-fuzzy
Range: <=6.2.1 (Linux/UNIX) / <=6.1 (Windows)
Symantec/Accessllm-fuzzy
Range: <=7.4.2
Symantec/Storage Foundationllm-fuzzy
Range: <=6.2.1 (Linux/UNIX) / <=6.1 (Windows)
Symantec/InfoScalellm-fuzzy
Range: <=7.3.1

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.veritas.com/content/support/en_US/security/VTS19-003mitrex_refsource_MISC
www.veritas.com/content/support/en_US/security/VTS19-004mitrex_refsource_MISC
www.veritas.com/content/support/en_US/security/VTS19-005mitrex_refsource_MISC
www.veritas.com/content/support/en_US/security/VTS19-006mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000