Skip to main content

Veritas InfoScale CVE-2026-44926

| EUVD-2026-31133 HIGH
Improper Access Control (CWE-284)
2026-05-20 mitre GHSA-4pmv-rc9x-737p
Authentication Bypass N A
8.8
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
May 20, 2026 - 20:23 vuln.today
CVSS changed
May 20, 2026 - 20:22 NVD
8.8 (HIGH)
CVE Published
May 20, 2026 - 00:00 nvd
UNKNOWN (no severity yet)

DescriptionNVD

InfoScale CmdServer before 7.4.2 mishandles access control.

AnalysisAI

Privilege escalation in Veritas InfoScale CmdServer prior to version 7.4.2 allows authenticated remote attackers to bypass access control restrictions and achieve full compromise of confidentiality, integrity, and availability on the targeted host. The flaw is tagged as an authentication bypass by intelligence sources and carries a CVSS 8.8 (High) rating; no public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all Veritas InfoScale CmdServer installations and document current versions; contact Veritas support for patch availability timeline for version 7.4.2. Within 7 days: Implement network segmentation and firewall rules to restrict CmdServer access; enforce principle of least privilege for user accounts; enable comprehensive audit logging. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-44926 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy