Arcserve Unified Data Protection Denial of Service Vulnerability
CVE-2024-0801

7.5HIGH

Key Information:

Vendor: Arcserve
Status: Unified Data Protection
Vendor: CVE Published:; 13 March 2024

Summary

A vulnerability exists in Arcserve Unified Data Protection software due to improper handling of requests in ASNative.dll. This flaw may allow an attacker to initiate a denial of service condition, disrupting the availability and performance of the affected software versions 9.2 and 8.1. It is crucial for users to review their systems for this vulnerability to mitigate potential risks.

Affected Version(s)

Unified Data Protection 0 <= 9.2

Unified Data Protection 0 <= 8.1

References

https://www.tenable.com/security/research/tra-2024-07

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Jan 22, 2024