115 matches found
CVE-2023-32569
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers who must have admin credentials to submit arbitrary SQL...
PT-2023-23879 · Veritas · Veritas Infoscale Operations Manager
Name of the Vulnerable Software and Affected Versions: Veritas InfoScale Operations Manager versions prior to 7.4.2.800 Veritas InfoScale Operations Manager versions 8.x prior to 8.0.410 Description: An issue in the InfoScale VIOM web application allows SQL Injection attacks in certain areas,...
CVE-2023-32568
CVE-2023-32568: Veritas InfoScale Operations Manager (VIOM) affects VIOM before 7.4.2.800 and 8.x before 8.0.410. The web application does not validate user-supplied data and appends it to OS commands and internal binaries, enabling an attacker with root/administrator privileges to read sensitive...
PT-2023-8939 · Veritas · Veritas Infoscale Operations Manager
Name of the Vulnerable Software and Affected Versions: Veritas InfoScale Operations Manager versions prior to 7.4.2.800 Veritas InfoScale Operations Manager versions 8.x prior to 8.0.410 Description: The issue arises from the VIOM web application's failure to validate user-supplied data, which is...
Veritas Infoscale Operations Manager跨站脚本漏洞
Veritas Infoscale Operations Manager is a suite of software from Veritas, Inc. for the management of entire InfoScale deployments. A cross-site scripting vulnerability exists in Veritas InfoScale Operations Manager, which stems from a lack of filtering and escaping of user-submitted parameters in...
Veritas InfoScale Operations Manager路径遍历漏洞
Veritas Infoscale Operations Manager is a suite of software from Veritas USA for the management of entire InfoScale deployments. Veritas InfoScale Operations Manager is vulnerable to a path traversal vulnerability in the web server admin/cgi-bin/rulemgr.pl/getfile/, which is caused by a lack of...
CVE-2022-26484
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...
CVE-2022-26484
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...
CVE-2022-26483
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...
CVE-2022-26483
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...
CVE-2022-26483
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...
CVE-2022-26484
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...
Directory traversal
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...
Cross site scripting
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...
CVE-2022-26484
Veritas InfoScale Operations Manager (VIOM) is affected by CVE-2022-26484. The issue is a directory traversal vulnerability in the web server’s admin/cgi-bin/rulemgr.pl/getfile/ path, enabling a remote authenticated administrator to read arbitrary files on the system by manipulating resource name...
CVE-2022-26484
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...
CVE-2022-26483
Veritas InfoScale Operations Manager (VIOM) is affected by CVE-2022-26483. A reflected cross-site scripting (XSS) vulnerability exists in admin/cgi-bin/listdir.pl that allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter due to insufficient ...
CVE-2022-26483
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...
Veritas InfoScale Operations Manager路径遍历漏洞
Veritas Infoscale Operations Manager is a suite of software from Veritas USA for the management of entire InfoScale deployments. Veritas InfoScale Operations Manager is vulnerable to a path traversal vulnerability in the web server admin/cgi-bin/rulemgr.pl/getfile/, which is caused by a lack of...
The vulnerability of the Veritas InfoScale backup and data storage application, the Veritas Access data storage system, and the Veritas Cluster Server (VCS) application for clustering open systems lies in the absence of measures to clean incoming data. This allows a malicious actor to execute arbitrary commands.
The vulnerability of the Veritas InfoScale backup and data storage application, the Veritas Access data storage system, and the Veritas Cluster Server VCS for clustering open systems is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote...