TranZman Migration Appliance
by Cohesity
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-63912 | Hig | 0.49 | 7.5 | 0.00 | Mar 3, 2026 | Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials. | ||
| CVE-2025-63911 | 0.00 | — | 0.02 | Mar 3, 2026 | Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability. | |||
| CVE-2025-63910 | 0.00 | — | 0.00 | Mar 3, 2026 | An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file. | |||
| CVE-2025-63909 | 0.00 | — | 0.00 | Mar 3, 2026 | Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files. |
- risk 0.49cvss 7.5epss 0.00
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials.
- CVE-2025-63911Mar 3, 2026risk 0.00cvss —epss 0.02
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability.
- CVE-2025-63910Mar 3, 2026risk 0.00cvss —epss 0.00
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file.
- CVE-2025-63909Mar 3, 2026risk 0.00cvss —epss 0.00
Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files.