Unauthenticated Information Disclosure Vulnerability in Veritas Desktop and Laptop Option
CVE-2020-36159

5.3MEDIUM

Key Information:

Vendor: Veritas
Status: Desktop And Laptop Option
Vendor: CVE Published:; 5 January 2021

Summary

An information disclosure vulnerability in Veritas Desktop and Laptop Option (DLO) allows unauthorized access to operational details regarding backup processing status. This vulnerability arises from a URL that does not require authentication, potentially exposing sensitive data to malicious actors. Users of affected versions should consider upgrading to the latest version to mitigate risks associated with this issue.

References

https://www.veritas.com/content/support/en_US/security/VT...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 5, 2021
Vulnerability Reserved
Jan 5, 2021