nakivo CVE Vulnerabilities & CVE List (4)

Products (CPE): — CVEs: 4

nakivo vulnerability overview

Aggregates CVE and security vulnerability intelligence across all nakivo-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Disclosed issues often relate to vendor risk xxe and vendor risk path handling; exposure may include vendor impact file overwrite in vendor surface production workloads and vendor surface software deployment contexts.

Vulnerability distribution trend (last 24 months)

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-32406 An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response. [email protected] 8.6 0.49% 2025-04-08 2026-06-17
CVE-2024-48248 KEV NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials). [email protected] 8.6 94.01% 2025-03-04 2026-06-17
CVE-2020-15851 Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories. [email protected] 9.8 1.52% 2020-09-24 2026-06-16
CVE-2020-15850 Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is readable. [email protected] 7.8 0.52% 2020-09-24 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence