PT-2023-8939 · Veritas · Veritas InfoScale Operations Manager

Published: 2023-05-02 · Updated: 2023-05-16 · CVE-2023-32568

CVSS v2.0: 8.3 (High)

Vector: AV:N/AC:L/Au:M/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Veritas InfoScale Operations Manager versions prior to 7.4.2.800
Veritas InfoScale Operations Manager versions 8.x prior to 8.0.410

Description

The issue arises from the VIOM web application's failure to validate user-supplied data, which is then appended to OS commands and internal binaries. This allows an attacker with root or administrator privileges to read sensitive data, modify server configurations, or delete data and application configurations. The vulnerability can be exploited by a remote attacker to execute arbitrary commands.

Recommendations

For versions prior to 7.4.2.800, update to version 7.4.2.800 or later.
For versions 8.x prior to 8.0.410, update to version 8.0.410 or later.

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2024-02737
CVE-2023-32568

Affected Products

Veritas InfoScale Operations Manager