Unauthenticated Arbitrary File Read/Write Vulnerability in Multiple Services

Unauthenticated Arbitrary File Read/Write Vulnerability in Multiple Services

CVE-2023-30945 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem or write/delete arbitrary files on the filesystem as well.

Learn more about our Cis Benchmark Audit For Server Software.