Remote Credential Exposure in Arcserve UDP by CA Technologies
CVE-2015-4069

Currently unrated

Key Information:

Vendor

Arcserve

Status
Arcserve Unified Data Protection
Vendor
CVE Published:
29 May 2015

What is CVE-2015-4069?

A vulnerability exists in the EdgeServiceImpl web service of Arcserve UDP prior to version 5.0 Update 4, allowing remote attackers to exploit crafted SOAP requests. This could potentially enable them to retrieve sensitive credentials by invoking the 'getBackupPolicy' or 'getBackupPolicies' methods, compromising the integrity and confidentiality of user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/74838
vdb-entryx_refsource_BID
http://documentation.arcserve.com/Arcserve-UDP/Available/...
x_refsource_CONFIRM
http://www.zerodayinitiative.com/advisories/ZDI-15-243/
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.