CVE-2025-63910

High CVSS: 7.2

An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file.

Vendor

Cohesity

Product

Tranzman

CWE

CWE-345

Yayın Tarihi

2026-03-03 18:16:23

Güncelleme

2026-03-05 00:25:31

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-345 Tranzman HIGH Cohesity 2026

Referanslar

https://docs.stoneram.com/index.php/Tranzman https://gist.github.com/GregDurys/74c36c36bef81293a42022758f2736a9 https://github.com/GregDurys/Cohesity-TranZman-CVEs

Benzer Kayıtlar

High

CVE-2025-67840

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity (formerly Stone Ram) TranZman 4.0 Buil…

High

CVE-2025-63909

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.…

High

CVE-2025-63911

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injecti…

High

CVE-2025-63912

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for da…