CVE-2023-42000
CVSS V2 None
CVSS V3 None
Description
Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed.
Overview
- CVE ID
- CVE-2023-42000
- Assigner
- tenable
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-27T16:55:39.466Z
- Last Modified Date
- 2024-01-10T22:50:45.332Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2023-37 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-42000 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42000 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 13:52:02 | Added to TrackCVE |