Home

Description

An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

PUBLISHED Reserved 2024-11-24 | Published 2024-11-24 | Updated 2024-11-26 | Assigner mitre




CRITICAL: 9.8CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N

References

www.veritas.com/content/support/en_US/security/VTS24-014

cve.org (CVE-2024-53909)

nvd.nist.gov (CVE-2024-53909)

Download JSON