3 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. Existe una vulnerabilidad de denegación de servicio en Arcserve Unified Data Protection 9.2 y 8.1 en ASNative.dll. • https://www.tenable.com/security/research/tra-2024-07 • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet. Existe una vulnerabilidad de path traversal en Arcserve Unified Data Protection 9.2 y 8.1 en edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet. • https://www.tenable.com/security/research/tra-2024-07 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() function within wizardLogin. Existe una vulnerabilidad de omisión de autenticación en Arcserve Unified Data Protection 9.2 y 8.1 en la función edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() dentro de WizardLogin. • https://www.tenable.com/security/research/tra-2024-07 • CWE-287: Improper Authentication •