CVE-2024-0800

HIGH EXPLOITED

Arcserve Unified Data Protection <9.2-8.1 - Path Traversal

Title source: llm
STIX 2.1

Description

A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0026
EPSS Percentile 49.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

VulnCheck KEV 2024-05-09
CWE
CWE-434
Status published
Products (2)
arcserve/udp 8.1
arcserve/udp 9.2
Published Mar 13, 2024
Tracked Since Feb 18, 2026