CVE-2021-27876

Published Mar 1, 2021

Last updated 7 months ago

Veritas Backup Exec

Overview

AI description

Automated description summarized from trusted sources.

CVE-2021-27876 is a vulnerability found in Veritas Backup Exec versions before 21.2. The vulnerability lies in the SHA authentication scheme used for communication between a client and an agent, which is typically done over TLS. Due to this vulnerability, an attacker can gain unauthorized access and complete the authentication process. This allows the client to execute data management protocol commands on the authenticated connection and access arbitrary files on the system with System privileges by using crafted input parameters.

Description: An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. By using crafted input parameters in one of these commands, an attacker can access an arbitrary file on the system using System privileges.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 7.8
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:P/A:N

Known exploits

Data from CISA

Vulnerability name: Veritas Backup Exec Agent File Access Vulnerability
Exploit added on: Apr 7, 2023
Exploit action due: Apr 28, 2023
Required action: Apply updates per vendor instructions.

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2015-2291 (IQVW32.sys (BYO..) +22.80% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2021-27876 (Verit
@DefusedCyber
22 Sept 2025
10416 Impressions
13 Retweets
89 Likes
63 Bookmarks
1 Reply
1 Quote

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:veritas:backup_exec:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E6F2EEE-7E5A-4EA1-87F2-97C26EAE8FCC",
            "versionEndExcluding": "21.2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.