VYPR

Data Insight

by Symantec

CVEs (5)

  • CVE-2024-46542MedDec 30, 2024
    risk 0.42cvss 6.5epss 0.01

    Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks.

  • CVE-2025-43704MedApr 16, 2025
    risk 0.31cvss 4.7epss 0.00

    Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use HTTP Basic Authentication to a Dell Isilon OneFS server.

  • CVE-2024-47854Oct 4, 2024
    risk 0.00cvss epss 0.01

    An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.

  • CVE-2014-3433Jun 27, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.

  • CVE-2014-3432Jun 27, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.

VYPR — Vulnerability Intelligence