VYPR

InfoScale Operations Manager

by Symantec

CVEs (7)

  • CVE-2020-36166CriJan 6, 2021
    risk 0.60cvss 9.3epss 0.00

    An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager (aka VIOM) Windows Management Server 7.x through 7.4.2. On start-up, it loads the…

  • CVE-2023-38404HigJul 17, 2023
    risk 0.47cvss 7.2epss 0.01

    The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server.

  • CVE-2023-32569HigMay 10, 2023
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to…

  • CVE-2023-32568HigMay 10, 2023
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with…

  • CVE-2026-44923MedMay 20, 2026
    risk 0.42cvss 6.5epss 0.00

    SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.

  • CVE-2022-26484MedMar 4, 2022
    risk 0.32cvss 4.9epss 0.03

    An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on…

  • CVE-2022-26483MedMar 4, 2022
    risk 0.31cvss 4.8epss 0.00

    An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web…