CVE-2021-44677

An issue 1 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Deserialization of untrusted data

An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Deserialization of untrusted data

An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Deserialization of untrusted data

An issue 5 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Deserialization of untrusted data

An issue 6 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Deserialization of untrusted data

An issue 2 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44677

CVE-2021-44677 relates to Veritas Enterprise Vault (14.1.2 and earlier) startup behavior that launches multiple services listening on random .NET Remoting TCP ports. The linked ZDI advisory (ZDI-21-1592) documents a deserialization flaw in EVExchangeWebServicesProxy.exe that allows unauthenticate...

CVE-2021-44678

Veritas Enterprise Vault

CVE-2021-44678

An issue 2 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44679

The CVE-2021-44679 issue affects Veritas Enterprise Vault (up to version 14.1.2). The vulnerability arises during startup when Enterprise Vault launches multiple services that listen on random .NET Remoting TCP ports and on local IPC channels. The underlying problem is deserialization of untruste...

CVE-2021-44679

An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44680

An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44680

Veritas Enterprise Vault up to version 14.1.2 is affected by a deserialization flaw in EVMonitoring.exe that enables remote code execution. The issue arises from the lack of proper validation of untrusted data in the .NET Remoting-based TCP services (and local IPC services) started on startup, wh...

CVE-2021-44681

An issue 5 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44682

An issue 6 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

CVE-2021-44682

Veritas Enterprise Vault (up to 14.1.2) exposes Deserialization of untrusted data via .NET Remoting TCP ports and local IPC services started on startup. The root cause is improper deserialization in EVStorageQueueBroker.exe, enabling a remote attacker to execute code on affected installations. Ex...

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions where the Enterprise Vault application starts multiple services that listen for commands from the...

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions where the Enterprise Vault application starts multiple services that listen for commands from the...

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-class file protection, archive automation software from Veritas, Inc. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions, where Enterprise Vault applications start multiple services that listen on NET Remoting TCP port t...