CVE-2025-63909

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files...

PT-2026-22769

An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...

CVE-2025-63912

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...

CVE-2025-63912

CVE-2025-63912 affects Cohesity TranZman Migration Appliance Release 4.0 Build 14614. The issue is a weak cryptography algorithm used for data encryption (static XOR in some disclosures), allowing an attacker to reverse encryption and expose credentials. Impact is credential exposure as described...

CVE-2025-63910

An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file...

EUVD-2025-208244

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...

CVE-2025-63911

CVE-2025-63911 affects Cohesity TranZman Migration Appliance Release 4.0 Build 14614. The issue is an authenticated command injection in the CLISH restricted shell (CLISH Command Injection). According to connected advisories, the vulnerability is rated CVSS v3.1 by the CVE entry with a base score...