BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
arcserve_d2d | eq | 15.0.114 |