An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level privileges can leverage this to read sensitive data stored on the servers, modify data or server configuration, and delete data or application configuration.
References
Link | Resource |
---|---|
https://www.veritas.com/content/support/en_US/security/VTS23-007 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-10T00:00:00
Updated: 2023-05-10T00:00:00
Reserved: 2023-05-10T00:00:00
Link: CVE-2023-32568
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-10T05:15:11.990
Modified: 2023-05-16T20:09:16.343
Link: CVE-2023-32568
JSON object: View
Redhat Information
No data.
CWE