2 matches found
Deserialization of untrusted data
An issue 6 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44682
Veritas Enterprise Vault (up to 14.1.2) exposes Deserialization of untrusted data via .NET Remoting TCP ports and local IPC services started on startup. The root cause is improper deserialization in EVStorageQueueBroker.exe, enabling a remote attacker to execute code on affected installations. Ex...