CVE-2021-27877 - Veritas Backup Exec Agent Improper Authentication Vulnerability
Project:Veritas
Product:Backup Exec Agent
Date Added:2023-04-07Due Date:2023-04-28
Vulnerability Name
Veritas Backup Exec Agent Improper Authentication Vulnerability
Description
Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://www.veritas.com/support/en_US/security/VTS21-001
https://nvd.nist.gov/vuln/detail/CVE-2021-27877