An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-10-26
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-26
CVE-2015-4068
Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet.
Known exploited
CVSS Score
9.1
EPSS Score
0.841
Published
2015-05-29
Page 2