← Back to CVEs
CVE-2023-38404
HIGH7.2
Description
The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server.
CVE Details
CVSS v3.1 Score7.2
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published7/17/2023
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
veritas:infoscale_operations_manager
Weaknesses (CWE)
CWE-434
References
https://www.veritas.com/content/support/en_US/security/VTS23-009(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.