An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.

VMware Security Blog


Get the latest from VMware's security business including strategy, implementation, best practices, and updates from members of our staff.

Listed: