CVE-2024-27283

EPSS 0.38%
Veröffentlicht 22.02.2024 05:15:10
Zuletzt bearbeitet 06.05.2025 17:33:16
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Veritas ≫ Ediscovery Platform Version < 10.2.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.588

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cve@mitre.org	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://www.veritas.com/support/en_US/security/VTS23-020

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-27283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27283

EUVD