Filtered by vendor Datto
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9256 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default. | |||||
| CVE-2015-9255 | 1 Datto | 16 Alto 2, Alto 2 Firmware, Alto 3 and 13 more | 2018-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, software versions, configuration, and virtual machines via a request to a Web Virtual Directory. | |||||
| CVE-2017-16673 | 1 Datto | 1 Backup Agent | 2017-11-28 | 2.9 LOW | 5.3 MEDIUM |
| Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming connections. This allows an attacker to impersonate a Datto Backup Appliance to "pair" with the agent and issue requests to this agent, if the attacker can reach the agent on TCP port 25566 or 25568, and send unspecified "specific information" by which the agent identifies a network device that is "appearing to be a valid Datto." | |||||