What is the severity of CVE-2020-36167?

CVE-2020-36167 is classified as a medium severity vulnerability.

How do I fix CVE-2020-36167?

To fix CVE-2020-36167, apply hotfix 298543 for versions 20.6 and earlier or hotfix 657517 for version 21.1.

Which versions of Veritas Backup Exec are affected by CVE-2020-36167?

CVE-2020-36167 affects Veritas Backup Exec versions 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517.

What is the main issue described in CVE-2020-36167?

The main issue in CVE-2020-36167 is the loading of an insecure OpenSSL library configuration file during the start-up of the server.

Is there a workaround for CVE-2020-36167?

Currently, the recommended approach is to apply the appropriate hotfix rather than relying on a workaround.

Vulnerability/
CVE-2020-36167

critical

9.3

CWE

434

6/1/2021

4/8/2024

CVE-2020-36167: Malicious File Upload

First published: Wed Jan 06 2021(Updated: )

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, which may not exist. On Windows systems, this path could translate to <drive>:\usr\local\ssl\openssl.cnf. A low privileged user can create a :\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine, resulting in arbitrary code execution as SYSTEM when the service starts. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, access all installed applications, etc. If the system is also an Active Directory domain controller, then this can affect the entire domain.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Veritas Backup Exec	>=20.0<20.0.1188.2734
Veritas Backup Exec	>=21.0<21.0.1200.1217

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-36167?
CVE-2020-36167 is classified as a medium severity vulnerability.
How do I fix CVE-2020-36167?
To fix CVE-2020-36167, apply hotfix 298543 for versions 20.6 and earlier or hotfix 657517 for version 21.1.
Which versions of Veritas Backup Exec are affected by CVE-2020-36167?
CVE-2020-36167 affects Veritas Backup Exec versions 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517.
What is the main issue described in CVE-2020-36167?
The main issue in CVE-2020-36167 is the loading of an insecure OpenSSL library configuration file during the start-up of the server.
Is there a workaround for CVE-2020-36167?
Currently, the recommended approach is to apply the appropriate hotfix rather than relying on a workaround.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/veritas
canonical/veritas backup exec
version/veritas backup exec/20.0
version/veritas backup exec/21.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.