← back
CVE-2021-27877

CVE-2021-27877

CVSS 8.2 HIGHEPSS 64.9%● KEV
In short

Veritas Backup Exec uses an outdated authentication method (SHA) that wasn't disabled, allowing attackers to remotely bypass security and run privileged commands on backup servers.

Technical detail

CVE-2021-27877 exploits a legacy SHA authentication scheme in Veritas Backup Exec versions before 21.2 that remains enabled despite being obsolete. Remote attackers can leverage this weak authentication vector to gain unauthorized access to Agents and execute arbitrary privileged commands without valid credentials.

Summary generated and translated by AI from the official description.
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:N/S:U/UI:N
Affected products
n/a · n/a
public PoCs found1
cve_referencepacketstormsecurity.com/files/168506/Veritas-Backup-Exec-Agent-Remote-Code-Execution.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/168506/Veritas-Backup-Exec-Agent-Remote-Code-Execution.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27877https://www.veritas.com/content/support/en_US/security/VTS21-001#issue1