Unprotected Access to Device/VM Restore Mount Points in Datto ALTO and SIRIS Devices

Unprotected Access to Device/VM Restore Mount Points in Datto ALTO and SIRIS Devices

CVE-2015-9256 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default.

Learn more about our Web Application Penetration Testing UK.