Vulnerabilities > Cohesity

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2023-33295 Unspecified vulnerability in Cohesity Dataplatform
Cohesity DataProtect prior to 6.8.1_u5 or 7.1 was discovered to have a incorrect access control vulnerability due to a lack of TLS Certificate Validation.
network
low complexity
cohesity
6.5
2021-08-06 CVE-2021-36795 Incorrect Default Permissions vulnerability in Cohesity Linux Agent
A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1.
local
low complexity
cohesity CWE-276
7.8
2021-04-02 CVE-2021-28124 Missing Authentication for Critical Function vulnerability in Cohesity Dataplatform 6.3/6.4/6.5.1
A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b.
network
high complexity
cohesity CWE-306
5.9
2021-04-02 CVE-2021-28123 Insecure Default Initialization of Resource vulnerability in Cohesity Dataplatform 6.3/6.4/6.5.1
Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b.
network
low complexity
cohesity CWE-1188
critical
9.8
2019-07-12 CVE-2019-11242 Improper Certificate Validation vulnerability in Cohesity Dataplatform
A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c.
network
high complexity
cohesity CWE-295
8.1