Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ArcserveUdp

3 matches found

CVE
CVEadded 2023/11/27 5:15 p.m.44 views

CVE-2023-41998

Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and execute arbitrary files.

9.8CVSS9.7AI score0.15294EPSS
CVE
CVEadded 2023/11/27 5:15 p.m.38 views

CVE-2023-42000

Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed.

9.8CVSS9.6AI score0.01245EPSS
CVE
CVEadded 2023/11/27 5:15 p.m.33 views

CVE-2023-41999

An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote attacker can obtain a valid authentication identifier that allows them to authenticate to the management console and perform tasks that require authentication.

9.8CVSS9.8AI score0.00145EPSS