Arcserve Unified Data Protection Authentication Bypass Vulnerability

Vulnerability

A vulnerability allowing authentication bypass has been identified in Arcserve Unified Data Protection (UDP) versions prior to 10.2. This flaw enables unauthenticated attackers to access protected functionalities or user accounts by manipulating request parameters or exploiting logic flaws to bypass login mechanisms. As a result, attackers can gain unauthorized access to administrator-level features.

Impact

Exploitation of this vulnerability allows unauthorized access to administrator-level functionalities, potentially leading to further exploitation of the application or its data.

Remediation

Users can upgrade to Arcserve UDP 10.2, which includes the necessary patches. For those using Arcserve UDP versions 8.0 through 10.1, patches are available and can be applied. Customers on unsupported versions (UDP 7.x and earlier) should urgently upgrade to UDP 10.2.

Added: Aug 27, 2025, 10:19 PM
Updated: Aug 27, 2025, 10:19 PM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 5.0
exploitability: 7.0
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.