CVEFinder.io

CVE-2023-38404

⚠️ high
🔍 Scan for this CVE
Summary

The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server.

CVSS Score
7.2
High
EPSS Score
0.1
Exploit Probability
Published Date
2023-07-17
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 55.5% of all 328,009 vulnerabilities in our database.

#145,998
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Oct 30, 2024
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-434

📦 Affected Products 1

Vendor Product Status Affected Versions
veritas infoscale_operations_manager Affected
≥ 7.0.0 < 8.0.0.410

🔗 References 1

https://www.veritas.com/content/support/en_US/securi...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-44923 🔶 medium 6.5 0.0 SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges. 2026-05-20
CVE-2026-44924 🔶 medium 5.4 0.0 InfoScale VIOM 9.1.3 allows XSS. 2026-05-20
CVE-2026-44925 ⚠️ high 8.8 0.0 Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to for... 2026-05-20
CVE-2023-32568 ⚠️ high 7.2 0.3 An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM... 2023-05-10
CVE-2023-32569 ⚠️ high 7.2 0.3 An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The Info... 2023-05-10
CVE-2022-26483 🔶 medium 4.8 0.2 An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch... 2022-03-04
These CVEs affect the same products