Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-44682
HistoryDec 06, 2021 - 10:15 p.m.

Deserialization of untrusted data

2021-12-0622:15:00
PRIOn knowledge base
www.prio-n.com
4

9.3 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor’s security alert for this vulnerability (VTS21-003, ZDI-CAN-14079).

CPENameOperatorVersion
enterprise_vaultle14.1.2

Related

cve 1
cvelist 1
nvd 1
zdi 1
cnvd 1
cve
cve
CVE-2021-44682
2021-12-06 22:15:08
cvelist
cvelist
CVE-2021-44682
2021-12-06 21:56:09
nvd
nvd
CVE-2021-44682
2021-12-06 22:15:08
zdi
zdi
Veritas Enterprise Vault EVStorageQueueBroker Deserialization of Untrusted Data Remote Code Execution Vulnerability
2021-12-23 00:00:00
cnvd
cnvd
Veritas Enterprise Vault code issue vulnerability
2021-12-08 00:00:00

9.3 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON
Related for PRION:CVE-2021-44682
cve1cvelist1nvd1zdi1cnvd1