CVE-2020-27157
First published: Thu Oct 15 2020(Updated: )
Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the targeted user account.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Veritas APTARE | <10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-27157?
CVE-2020-27157 is a vulnerability in Veritas APTARE versions prior to 10.5 that allows an unauthenticated user to bypass the login process and gain unauthorized access to the application and its data.
How severe is CVE-2020-27157?
CVE-2020-27157 has a severity rating of 8.1 (high).
How can I fix CVE-2020-27157?
To fix CVE-2020-27157, users should upgrade to Veritas APTARE version 10.5 or later, which includes a fix for this vulnerability.
What is the Common Weakness Enumeration (CWE) ID for CVE-2020-27157?
The Common Weakness Enumeration (CWE) ID for CVE-2020-27157 is CWE-294.
Where can I find more information about CVE-2020-27157?
You can find more information about CVE-2020-27157 on the Veritas website at: https://www.veritas.com/content/support/en_US/security/VTS20-006#issue2
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/veritas
- canonical/veritas aptare