Primary

Context

Veritas InfoScale Operations Manager SQL Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Patched

A SQL injection vulnerability has been identified in Veritas InfoScale Operations Manager (IOM) versions prior to 9.1.3. This vulnerability allows remote attackers to escalate privileges by gaining unauthorized access to the underlying database without authentication.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the database, allowing attackers to manipulate or extract data, potentially leading to further privilege escalation or exploitation of additional vulnerabilities.

Remediation

Affected users are advised to upgrade to Veritas InfoScale Operations Manager version 9.1.3 or later. Instructions for upgrading managed hosts to version 9.0 are available in the Arctera InfoScale Operations Manager 9.0 Installation and Configuration Guide.

Added: May 20, 2026, 5:21 PM

Updated: May 20, 2026, 5:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

7.8

remediation

7.7

relevance

8.9

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

7.8

remediation

7.7

relevance

8.9

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Veritas InfoScale Operations Manager SQL Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

Cloud Software Group InfoScale Operations Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating