CVE-2023-42000 – Arcserve UDP Agent Unauthenticated Path Traversal File Upload
https://notcve.org/view.php?id=CVE-2023-42000
Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed. Arcserve UDP anterior a 9.2 contiene una vulnerabilidad de Path Traversal en com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). Un atacante remoto no autenticado puede aprovecharlo para cargar archivos arbitrarios en cualquier ubicación del sistema de archivos donde esté instalado el agente UDP. • https://www.tenable.com/security/research/tra-2023-37 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-41999 – Arcserve UDP Management Authentication Bypass
https://notcve.org/view.php?id=CVE-2023-41999
An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote attacker can obtain a valid authentication identifier that allows them to authenticate to the management console and perform tasks that require authentication. Existe una omisión de autenticación en Arcserve UDP antes de la versión 9.2. Un atacante remoto no autenticado puede obtener un identificador de autenticación válido que le permita autenticarse en la consola de administración y realizar tareas que requieran autenticación. • https://www.tenable.com/security/research/tra-2023-37 • CWE-287: Improper Authentication •
CVE-2023-41998 – Arcserve UDP Unauthenticated RCE
https://notcve.org/view.php?id=CVE-2023-41998
Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and execute arbitrary files. Arcserve UDP anterior a 9.2 contenía una vulnerabilidad en la interfaz com.ca.arcflash.rps.webservice.RPSService4CPMImpl. Existe una rutina que permite a un atacante cargar y ejecutar archivos arbitrarios. • https://www.tenable.com/security/research/tra-2023-37 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-26258
https://notcve.org/view.php?id=CVE-2023-26258
Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator. • https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe https://support.arcserve.com/s/article/KB000015720?language=en_US https://www.arcserve.com/products/arcserve-udp https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup • CWE-863: Incorrect Authorization •
CVE-2018-18659
https://notcve.org/view.php?id=CVE-2018-18659
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue. Se ha descubierto un problema en Arcserve Unified Data Protection (UDP) hasta la versión 6.5 Update 4. Hay XEE (XML External Entity) no autenticado en DDI-VRT-2018-19 en /management/UdpHttpService. • https://exchange.xforce.ibmcloud.com/vulnerabilities/152033 https://support.arcserve.com/s/article/360001392563?language=en_US https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure • CWE-611: Improper Restriction of XML External Entity Reference •