Arbitrary File Upload and Remote Command Execution Vulnerability in Veritas InfoScale Operations Manager (VIOM)

Arbitrary File Upload and Remote Command Execution Vulnerability in Veritas InfoScale Operations Manager (VIOM)

CVE-2023-38404 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server.

Learn more about our Web App Pen Testing.