📦

connected_backup

Vendor: ironmountain

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 1 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 1.99% Exploit Prob.

Latest CVE CVE-2017-14355 Dec 05

Security Vulnerability Index

Page 1 / 1

7.8 CVSS

CVE-2017-14355

Exploit Found

A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege.

EPSS: 0.35%

Severity: HIGH

Dec 05, 2017

10.0 CVSS

CVE-2011-2397

RCE

The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.

EPSS: 3.64%

Severity: HIGH

Dec 05, 2011

Displaying 2 of 2 Total Entries

Total 1 Sections