CVE-2024-27283

EPSS 0.38%
Published 22.02.2024 05:15:10
Last modified 06.05.2025 17:33:16
Source cve@mitre.org
Teams watchlist Login
Open Login

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Veritas ≫ Ediscovery Platform Version < 10.2.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.588

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cve@mitre.org	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://www.veritas.com/support/en_US/security/VTS23-020

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-27283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27283

EUVD