CVE-2015-4068

Name of the Vulnerable Software and Affected Versions Arcserve Unified Data Protection (UDP) versions prior to 5.0 Update 4

Description The issue allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) "reportFileServlet" or (2) "exportServlet" servlet. This can lead to information disclosure or service disruption.

Recommendations For versions prior to 5.0 Update 4, update to version 5.0 Update 4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "reportFileServlet" and "exportServlet" servlets until a patch is applied.