79 matches found
CVE-2025-63912
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...
CVE-2025-63911
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability...
CVE-2025-63910
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...
CVE-2025-67840
Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM1757588060SEP2025FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled parameters...
CVE-2025-67840
Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM1757588060SEP2025FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled parameters...
CVE-2025-63912
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...
CVE-2025-63909
Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...
CVE-2025-63910
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...
CVE-2025-63911
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability...
CVE-2025-63911
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability...
CVE-2025-63910
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...
CVE-2025-63909
Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...
CVE-2025-63912
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...
CVE-2025-63912
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...
PT-2026-22771
Name of the Vulnerable Software and Affected Versions Cohesity TranZman Migration Appliance version 4.0 Build 14614 Description The Cohesity TranZman Migration Appliance utilizes a weak cryptography algorithm for data encryption. This allows attackers to easily reverse the encryption process and...
CVE-2025-63911
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability...
EUVD-2025-208246
Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM1757588060SEP2025FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled parameters...
CVE-2025-63909
Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...
CVE-2025-63910
CVE-2025-63910 is an authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614. Exploitation requires Administrator privileges and leverages uploading a crafted patch file to achieve arbitrary code execution. Impact is tied to post-authenti...
CVE-2025-63910
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...