Veritas InfoScale Operations Manager (VIOM) 8.0.0
Approved changes feed: RSS · Atom
cpe:2.3:a:veritas:infoscale_operations_manager:8.0.0:*:*:*:*:*:*:*
part: a version: 8.0.0 update: *
| Vendor | Veritas (cb1a4886-9e3d-5084-9dc0-dbd7648341f5) |
|---|---|
| Product | Infoscale Operations Manager (8d28526f-1137-5319-a900-7a3d513fbce9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-26484 |
vulnerable | 2026-06-03 14:46:43.236419 |
Details available
MEDIUM (4.9)
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.
Published: 2022-03-04T18:23:26.000Z
Updated: 2024-08-03T05:03:32.801Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-26483 |
vulnerable | 2026-06-03 14:46:43.235936 |
Details available
MEDIUM (4.8)
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).
Published: 2022-03-04T18:23:11.000Z
Updated: 2024-08-03T05:03:32.968Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.