Ironmountain

ironmountain

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-9588 1Ironmountain 1Envision Jun 5, 2026 Sep 23, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 25...Show more Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 250563.Show less
CVE-2011-2397 1Ironmountain 1Connected Backup Apr 29, 2026 Dec 5, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to...Show more The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-9588

1Ironmountain

1Envision

Jun 5, 2026

Sep 23, 2025

N/A· v4

9.8 CRITICAL· v3

N/A· v2

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 25...Show more

CVE-2011-2397

1Ironmountain

1Connected Backup

Apr 29, 2026

Dec 5, 2011

N/A· v4

N/A· v3

10.0 HIGH· v2

The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to...Show more