Nakivo Backup & Replication Director 9.4.0.r43656

CPE Details

Nakivo Backup & Replication Director 9.4.0.r43656
nakivo
backup_\&_replication_director
9.4.0.r43656
2021-01-28
15h19 +00:00
2021-01-28
15h19 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:nakivo:backup_\&_replication_director:9.4.0.r43656:*:*:*:*:*:*:*

Informations

Vendor

nakivo

Product

backup_\&_replication_director

Version

9.4.0.r43656

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-48248 2025-03-04 00h00 +00:00 NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).
8.6
High
CVE-2020-15850 2020-09-24 18h23 +00:00 Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is readable.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.