Problem
When product is configured in non-secure mode there is a command injection vulnerability in the availability component of Veritas InfoScale that allows an attacker to execute arbitrary commands as root/administrator.
Solution
A EEB for this issue is available for the Access Appliance 7.4.2 and 7.4.2.100 version(s) of the product. To obtain this fix please contact Veritas Technical Support and quote either this article ID or E-Track 3985885 to obtain this fix.
NOTES:
1) If factory reset of the appliance is done, then apply this fix after configuration of Access Appliance.
2) If you have applied this fix on Access Appliance version 7.4.2 and wants to upgrade to Access Appliance version 7.4.2.100, follow below steps:
- Uninstall the EEB (Etrack 3985885) from Access Appliance version 7.4.2
- Upgrade the Access Appliance from version 7.4.2 to 7.4.2.100
- Install the EEB (Etrack 3985885) again after upgrading the appliance to version 7.4.2.100
References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.