Lucene search
TenableCVE-2024-0799HistoryMar 13, 2024 - 7:15 p.m.
CVE-2024-0799
2024-03-1319:15:46
CWE-287
tenable
web.nvd.nist.gov
28
cve-2024-0799
authentication bypass
arcserve unified data protection
vulnerability
edgeloginserviceimpl
nvd
security
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0
Percentile
9.0%
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() function within wizardLogin.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Unified Data Protection",
"vendor": "Arcserve",
"versions": [
{
"lessThanOrEqual": "9.2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
prion
prion
Authentication flaw
2024-03-13 19:15:00
nessus
nessus
Arcserve UDP Console Authentication Bypass (CVE-2024-0799)
2024-03-19 00:00:00
nvd
nvd
CVE-2024-0799
2024-03-13 19:15:46
cvelist
cvelist
vulnrichment
vulnrichment
thn
thn
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-0799