CVE-2015-4069
N/A
N/A
Summary
The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolicies method.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/74838
- http://documentation.arcserve.com/Arcserve-UDP/Available/V5/ENU/Bookshelf_Files/HTML/Update%204/UDP_Update4_ReleaseNotes.html
- http://www.zerodayinitiative.com/advisories/ZDI-15-243/
- http://www.zerodayinitiative.com/advisories/ZDI-15-244/
References
- http://www.securityfocus.com/bid/74838
- http://documentation.arcserve.com/Arcserve-UDP/Available/V5/ENU/Bookshelf_Files/HTML/Update%204/UDP_Update4_ReleaseNotes.html
- http://www.zerodayinitiative.com/advisories/ZDI-15-243/
- http://www.zerodayinitiative.com/advisories/ZDI-15-244/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.