CVE-2024-27283

Published: Feb 22, 2024Modified: May 6, 2025

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.

Affected (1)

Products: Veritas: Ediscovery Platform

Veritas

1 product

Ediscovery Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Veritas Ediscovery Platform	Before 10.2.5

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://www.veritas.com/support/en_US/security/VTS23-020

Source: cve@mitre.org

Vendor Advisory

https://www.veritas.com/support/en_US/security/VTS23-020

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.