Cross-Site Request Forgery Vulnerability in InfoScale Operations Manager by Veritas
CVE-2026-44925

8.8HIGH

Key Information:

Vendor: Veritas
Status: InfoScale Operations Manager
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-44925?

A Cross-Site Request Forgery (CSRF) vulnerability in the InfoScale Operations Manager v.9.1.3 permits attackers to exploit active user sessions. This enables unauthorized modifications to the VIOM web application by tricking users into clicking on malicious links, thereby compromising the security and integrity of the application without the user's awareness.

References

https://www.veritas.com/support/en_US/doc/120571566-16675...

https://supportinfoscale.cloud.com/support-home/kbsearch/...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 8, 2026

CVE-2026-44925 Data

JSON