Vulnerabilities (CVE)

Filtered by vendor Nakivo Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15851 1 Nakivo 1 Backup \& Replication Transporter 2024-11-21 7.5 HIGH 9.8 CRITICAL
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories.
CVE-2020-15850 2 Linux, Nakivo 2 Linux Kernel, Backup \& Replication Director 2024-11-21 7.2 HIGH 7.8 HIGH
Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is readable.