PT-2023-26408 · Veritas · Veritas Infoscale Operations Manager

Published: 2023-07-17 · Updated: 2023-07-28 · CVE-2023-38404

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Veritas InfoScale Operations Manager (VIOM) versions prior to 8.0.0.410

Description

The issue allows an authenticated attacker to upload files of any type to the server. The uploaded files can then be executed to run commands on the remote server, which potentially gives the attacker control over the server.

Recommendations

For versions prior to 8.0.0.410, update to version 8.0.0.410 or later to resolve the issue. As a temporary workaround, consider restricting file upload capabilities in the XPRTLD web application to minimize the risk of exploitation.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2023-38404

Affected Products

Veritas Infoscale Operations Manager