CVE-2019-14418

Name of the Vulnerable Software and Affected Versions Veritas Resiliency Platform versions prior to 3.4 HF1

Description An issue allows a user with sufficient privileges to overwrite any file in the virtual machine through a directory traversal vulnerability when uploading an application bundle. This could enable a malicious user to replace existing files and take control of the virtual machine.

Recommendations For versions prior to 3.4 HF1, update to version 3.4 HF1 or later to resolve the issue. As a temporary workaround, consider restricting upload privileges to trusted users until the update is applied.