Security Advisory

CVE-2023-0745

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-09 16:08:57

Last updated 2025-03-24 18:33:37

Assigner Yugabyte

State PUBLISHED

Description

The High Availability functionality of Yugabyte Anywhere can be abused to write arbitrary files through the backup upload endpoint by using path traversal characters. This vulnerability is associated with program files PlatformReplicationManager.Java. This issue affects YugabyteDB Anywhere: from 2.0.0.0 through 2.13.0.0

← Browse all CVEs View on cve.org ↗