6 matches found
EUVD-2015-7184
Malware in sbrugna...
Commvault Edge Server Web Console OS Command Injection Vulnerability
Commvault Edge Server is a suite of Simpana-based software that provides end-users with automated data protection and instant access. A security vulnerability in the web console of Commvault Edge Server allows remote attackers to execute arbitrary OS commands using specially crafted serialized da...
CVE-2015-7253
The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie...
Design/Logic Flaw
The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie...
CVE-2015-7253
The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie...
Commvault Edge Server deserializes cookie data insecurely
Overview Commvault Edge Server, version 10 R2, deserializes untrusted, user-provided cookie data, resulting in arbitrary OS command execution with the web server's privileges. Description CWE-502: Deserialization of Untrusted Data - CVE-2015-7253Commvault Edge Server, version 10 R2, deserializes...