Filtered by vendor Arcserve
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41999 | 1 Arcserve | 1 Udp | 2024-01-10 | N/A | 9.8 CRITICAL |
| An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote attacker can obtain a valid authentication identifier that allows them to authenticate to the management console and perform tasks that require authentication. | |||||
| CVE-2023-42000 | 1 Arcserve | 1 Udp | 2024-01-10 | N/A | 9.8 CRITICAL |
| Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed. | |||||
| CVE-2023-41998 | 1 Arcserve | 1 Udp | 2023-12-02 | N/A | 9.8 CRITICAL |
| Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and execute arbitrary files. | |||||