CVE-2023-41998 – Arcserve UDP Unauthenticated RCE
https://notcve.org/view.php?id=CVE-2023-41998
Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface: a routine in that service allows an attacker to upload and execute arbitrary files. • https://www.tenable.com/security/research/tra-2023-37 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-26258
https://notcve.org/view.php?id=CVE-2023-26258
Arcserve UDP through 9.0.6034 allows authentication bypass. The getVersionInfo method of WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token; that token can then be presented to /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session, and the session can be used to execute any task as administrator. • https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe https://support.arcserve.com/s/article/KB000015720?language=en_US https://www.arcserve.com/products/arcserve-udp https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup • CWE-863: Incorrect Authorization •
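The two-step pattern above (a call to the endpoint that leaks AuthUUID, followed shortly by a call to the endpoint that turns it into a session) is something a defender can hunt for in web-server access logs. The following is an added example, not code from Arcserve or from the MDSec write-up: it parses constructed combined-log-style lines and flags any source address that hits /WebServiceImpl/services/FlashServiceImpl and then /WebServiceImpl/services/VirtualStandbyServiceImpl within a window. The log layout, the window size and the `known_clients` allowlist are assumptions; the real Arcserve access log format may differ, and an access log shows only the endpoint path, not the SOAP method (getVersionInfo) inside the request body.

```python
"""Hunt for the CVE-2023-26258 request sequence in access logs.

Added example, not Arcserve code. SAMPLE_LOG is constructed data in a
combined-log-like layout (an assumption about the server's log format).
"""
import re
from collections import defaultdict
from datetime import datetime

# Endpoints named in the advisory text.
TOKEN_LEAK_PATH = "/WebServiceImpl/services/FlashServiceImpl"
SESSION_PATH = "/WebServiceImpl/services/VirtualStandbyServiceImpl"

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample: one attacker-like pair two seconds apart, one
# internal host whose two calls are 85 minutes apart, one unrelated hit.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Jun/2023:10:00:01 +0000] "POST /WebServiceImpl/services/FlashServiceImpl HTTP/1.1" 200 512
203.0.113.7 - - [20/Jun/2023:10:00:03 +0000] "POST /WebServiceImpl/services/VirtualStandbyServiceImpl HTTP/1.1" 200 774
10.0.0.5 - - [20/Jun/2023:10:05:00 +0000] "POST /WebServiceImpl/services/FlashServiceImpl HTTP/1.1" 200 512
10.0.0.5 - - [20/Jun/2023:11:30:00 +0000] "POST /WebServiceImpl/services/VirtualStandbyServiceImpl HTTP/1.1" 200 774
198.51.100.9 - - [20/Jun/2023:12:00:00 +0000] "GET /management/ HTTP/1.1" 302 0
""".splitlines()


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "src": m.group("src"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "path": m.group("path").split("?", 1)[0],
        "status": int(m.group("status")),
    }


def find_token_replay(lines, window_seconds=300, known_clients=frozenset()):
    """Return (src, leak_ts, session_ts) for each source that received a
    successful response from the token-leaking endpoint and then called the
    session endpoint within window_seconds. Sources in known_clients
    (e.g. the console or agents that legitimately use both) are skipped."""
    leaks = defaultdict(list)
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["src"] in known_clients:
            continue
        if rec["path"] == TOKEN_LEAK_PATH and 200 <= rec["status"] < 300:
            leaks[rec["src"]].append(rec["ts"])
        elif rec["path"] == SESSION_PATH:
            for leak_ts in leaks[rec["src"]]:
                delta = (rec["ts"] - leak_ts).total_seconds()
                if 0 <= delta <= window_seconds:
                    hits.append((rec["src"], leak_ts, rec["ts"]))
                    break
    return hits


if __name__ == "__main__":
    for src, leak_ts, session_ts in find_token_replay(SAMPLE_LOG):
        print(f"{src}: token endpoint at {leak_ts}, session endpoint at {session_ts}")
```

Both endpoints are also used by legitimate management traffic, so this sequence alone is a lead, not proof; pair it with an allowlist of management hosts and confirm against the console's own audit trail before acting on it.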
CVE-2020-27858 – Arcserve D2D getNews XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-27858
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D 16.5. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity (XXE) references, a specially-crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-20-1397 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2018-18659
https://notcve.org/view.php?id=CVE-2018-18659
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4: an unauthenticated XML External Entity (XXE) injection in /management/UdpHttpService, tracked by the researcher as DDI-VRT-2018-19. • https://exchange.xforce.ibmcloud.com/vulnerabilities/152033 https://support.arcserve.com/s/article/360001392563?language=en_US https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure • CWE-611: Improper Restriction of XML External Entity Reference •
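Both XXE entries (the D2D getNews flaw above and this UdpHttpService one) come down to the same parser mistake: an external entity declared in the request's DTD is resolved and its contents are folded back into the document. The block below is an added example, not Arcserve code, written with Python's standard-library SAX parser rather than the Java stack the product uses. It shows a document of the shape an attacker sends, a parser configured to fetch external entities (the leaked file contents come back as character data), and a hardened parser that refuses DTDs and keeps external entity resolution off. The secret file and the XML are constructed sample data.

```python
"""XXE: an entity-resolving parser beside its hardened configuration.

Added example, not Arcserve code. The "secret" file and the XML document
are constructed sample data; SECRET stands in for a file readable by the
service account (SYSTEM in the D2D case).
"""
import io
import os
import tempfile
import xml.sax
from xml.sax import handler

SECRET = "db_password=hunter2"  # constructed stand-in for sensitive file content


def write_secret_file() -> str:
    """Create the file the crafted document will try to read."""
    fd, path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "w") as f:
        f.write(SECRET)
    return path


def xxe_document(path: str) -> str:
    """Document of the shape sent to an XXE-prone endpoint: an external
    entity whose SYSTEM identifier is a local file, referenced in content."""
    return (
        '<?xml version="1.0"?>\n'
        f'<!DOCTYPE news [<!ENTITY xxe SYSTEM "{path}">]>\n'
        "<news><item>&xxe;</item></news>"
    )


class TextCollector(handler.ContentHandler):
    """Collects character data, i.e. what the server would echo back."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)


def _parse(document: str, resolve_external_entities: bool) -> str:
    parser = xml.sax.make_parser()
    # feature_external_ges decides whether SYSTEM entities are fetched.
    # It defaults to False since Python 3.7.1; older releases fetched them.
    parser.setFeature(handler.feature_external_ges, resolve_external_entities)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(document.encode("utf-8")))
    return "".join(collector.parts)


def vulnerable_parse(document: str) -> str:
    """Resolves external entities: the file's contents land in the output."""
    return _parse(document, resolve_external_entities=True)


def hardened_parse(document: str) -> str:
    """Rejects any DTD (no entities at all, which also blocks entity-expansion
    DoS) and keeps external entity resolution off as defense in depth."""
    # Cheap fail-closed check; also rejects a "<!DOCTYPE" inside a comment.
    if "<!DOCTYPE" in document:
        raise ValueError("DTD not allowed")
    return _parse(document, resolve_external_entities=False)


def demo() -> dict:
    """Run the crafted document through both parsers; returns what leaked."""
    path = write_secret_file()
    try:
        doc = xxe_document(path)
        leaked = vulnerable_parse(doc)
        flag_only = _parse(doc, resolve_external_entities=False)
        try:
            hardened_parse(doc)
            blocked = False
        except ValueError:
            blocked = True
        return {"leaked": leaked, "flag_only": flag_only, "hardened_blocked": blocked}
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

The same two settings are what to look for in any stack: disallow DOCTYPE declarations where the application does not need them, and disable external entity resolution where it must accept DTDs. In Python, the `defusedxml` package wraps the standard parsers with exactly these defaults.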
CVE-2018-18657
https://notcve.org/view.php?id=CVE-2018-18657
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4: unauthenticated disclosure of sensitive information via /gateway/services/EdgeServiceImpl, tracked by the researcher as DDI-VRT-2018-18. • https://support.arcserve.com/s/article/360001392563?language=en_US https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •