Veritas · Veritas Resiliency Platform · CVE-2019-14418
**Name of the Vulnerable Software and Affected Versions**
Veritas Resiliency Platform versions prior to 3.4 HF1
**Description**
An issue allows a user with sufficient privileges to overwrite any file in the virtual machine through a directory traversal vulnerability when uploading an application bundle. This could enable a malicious user to replace existing files and take control of the virtual machine.
**Recommendations**
For versions prior to 3.4 HF1, update to version 3.4 HF1 or later to resolve the issue. As a temporary workaround, consider restricting upload privileges to trusted users until the update is applied.