Arcserve Unified Data Protection Denial of Service Vulnerability
CVE-2024-0801

7.5HIGH

Key Information:

Vendor: Arcserve
Status: Unified Data Protection
Vendor: CVE Published:; 13 March 2024

What is CVE-2024-0801?

A vulnerability exists in Arcserve Unified Data Protection software due to improper handling of requests in ASNative.dll. This flaw may allow an attacker to initiate a denial of service condition, disrupting the availability and performance of the affected software versions 9.2 and 8.1. It is crucial for users to review their systems for this vulnerability to mitigate potential risks.

Affected Version(s)

Unified Data Protection 0 <= 9.2

Unified Data Protection 0 <= 8.1

References

https://www.tenable.com/security/research/tra-2024-07

EPSS Score

63% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Jan 22, 2024

JSON