Vulnerabilities > Arcserve > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-27 | CVE-2023-41998 | Unrestricted Upload of File with Dangerous Type vulnerability in Arcserve UDP Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. | 9.8 |
| 2023-11-27 | CVE-2023-41999 | Improper Authentication vulnerability in Arcserve UDP An authentication bypass exists in Arcserve UDP prior to version 9.2. | 9.8 |
| 2023-11-27 | CVE-2023-42000 | Path Traversal vulnerability in Arcserve UDP Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). | 9.8 |
| 2023-07-03 | CVE-2023-26258 | Incorrect Authorization vulnerability in Arcserve UDP Arcserve UDP through 9.0.6034 allows authentication bypass. | 9.8 |
| 2015-05-29 | CVE-2015-4068 | Path Traversal vulnerability in Arcserve Unified Data Protection Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet. | 9.4 |