{"api_version":"1","generated_at":"2026-04-22T23:20:45+00:00","cve":"CVE-2020-12875","urls":{"html":"https://cve.report/CVE-2020-12875","api":"https://cve.report/api/cve/CVE-2020-12875.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-12875","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-12875"},"summary":{"title":"CVE-2020-12875","description":"Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2020-05-14 20:15:00","updated_at":"2020-05-15 18:01:00"},"problem_types":["CWE-863"],"metrics":[],"references":[{"url":"https://www.veritas.com/content/support/en_US/security/VTS20-003","name":"https://www.veritas.com/content/support/en_US/security/VTS20-003","refsource":"MISC","tags":["Vendor Advisory"],"title":"Security Advisory for APTARE 10.4 | Veritas™","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-12875","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-12875","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"12875","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"veritas","cpe5":"aptare","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"12875","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"veritas","cpe5":"aptare","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2020-12875","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://www.veritas.com/content/support/en_US/security/VTS20-003","refsource":"MISC","name":"https://www.veritas.com/content/support/en_US/security/VTS20-003"}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AC:L/AV:N/A:L/C:L/I:L/PR:L/S:U/UI:N","version":"3.0"}}},"nvd":{"publishedDate":"2020-05-14 20:15:00","lastModifiedDate":"2020-05-15 18:01:00","problem_types":["CWE-863"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":6.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.5},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:veritas:aptare:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"12875","Ordinal":"174048","Title":"CVE-2020-12875","CVE":"CVE-2020-12875","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"12875","Ordinal":"1","NoteData":"Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"12875","Ordinal":"2","NoteData":"2020-05-14","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"12875","Ordinal":"3","NoteData":"2020-05-14","Type":"Other","Title":"Modified"}]}}}