First published: Fri Oct 26 2018(Updated: )
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Arcserve UDP | =6.0 | |
Arcserve UDP | =6.0-1 | |
Arcserve UDP | =6.0-2 | |
Arcserve UDP | =6.0-3 | |
Arcserve UDP | =6.5 | |
Arcserve UDP | =6.5-1 | |
Arcserve UDP | =6.5-2 | |
Arcserve UDP | =6.5-3 | |
Arcserve UDP | =6.5-4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-18657 is an unauthenticated sensitive information disclosure vulnerability in Arcserve Unified Data Protection (UDP) through 6.5 Update 4.
CVE-2018-18657 has a severity rating of 7.5 (high).
CVE-2018-18657 affects Arcserve UDP versions 6.0, 6.0-1, 6.0-2, 6.0-3, 6.5, 6.5-1, 6.5-2, 6.5-3, and 6.5-4.
To fix CVE-2018-18657, update Arcserve UDP to version 6.5 Update 5 or later.
More information about CVE-2018-18657 can be found on the Arcserve support website and Digital Defense blog.