Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arcserve arcserve unified data protection vulnerabilities and exploits
(subscribe to this query)
9.4
CVSSv2
CVE-2015-4068
Directory traversal vulnerability in Arcserve UDP prior to 5.0 Update 4 allows remote malicious users to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet.
Arcserve Arcserve Unified Data Protection
7.8
CVSSv2
CVE-2015-4069
The EdgeServiceImpl web service in Arcserve UDP prior to 5.0 Update 4 allows remote malicious users to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolicies method.
Arcserve Arcserve Unified Data Protection
4.3
CVSSv2
CVE-2018-18660
An issue exists in Arcserve Unified Data Protection (UDP) up to and including 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue.
Arcserve Udp 6.5
Arcserve Udp
5
CVSSv2
CVE-2018-18659
An issue exists in Arcserve Unified Data Protection (UDP) up to and including 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue.
Arcserve Udp 6.0
Arcserve Udp 6.5
5
CVSSv2
CVE-2018-18657
An issue exists in Arcserve Unified Data Protection (UDP) up to and including 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue.
Arcserve Udp 6.5
Arcserve Udp 6.0
5
CVSSv2
CVE-2018-18658
An issue exists in Arcserve Unified Data Protection (UDP) up to and including 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSettings.xml issue.
Arcserve Udp 6.5
Arcserve Udp 6.0
NA
CVE-2024-0801
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll.
NA
CVE-2024-0800
A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet.
NA
CVE-2024-0799
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() function within wizardLogin.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started