The Agent service in Iron Mountain Connected Backup 8.4 allows remote malicious users to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ironmountain connected backup 8.4 |