Vulnerabilities > CVE-2021-27877 - Unspecified vulnerability in Veritas Backup Exec

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

veritas

critical

NVD

Published: 2021-03-01

Updated: 2025-03-07

Summary

An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.

Vulnerable Configurations

Part	Description	Count
Application	Veritas Veritas Backup Exec 9.0 Veritas Backup Exec 9.0.4019 Veritas Backup Exec 9.1.307 Veritas Backup Exec 10.0 Veritas Backup Exec 14.1.1786.1126 Veritas Backup Exec 14.2.1180.3160 Veritas Backup Exec 15.1180 Veritas Backup Exec 16.0.1142.1327 Veritas Backup Exec 16.1142 Veritas Backup Exec 20.0 Veritas Backup Exec 20.0.1188.2734 Veritas Backup Exec 21.0 Veritas Backup Exec 21.0.1200.1217	13

Vulnerabilities > CVE-2021-27877 - Unspecified vulnerability in Veritas Backup Exec

Summary

Vulnerable Configurations

Related news

References