Vulnerability Details CVE-2026-44925
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.1%
CVSS Severity
CVSS v3 Score 8.8
References
- https://supportinfoscale.cloud.com/support-home/kbsearch/article?articleNumber=1000766080&articleTitle=InfoScale_Operations_Manager_IOM_web_application_Security_Bulletin_for_CVE_2026_44923_CVE_2026_44924_and_CVE_2026_44925
- https://www.veritas.com/support/en_US/doc/120571566-166757640-0/viom_tot_v118836641-166757640
Products affected by CVE-2026-44925
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0.101
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0.103
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0.300a
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0.400
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.0.0.500
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.400
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.500
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.600
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.700
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.1.0.800
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.2
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.2.0.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.2.0.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.2.0.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.0.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.0.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.0.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.400
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.500
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.600
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.700
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.3.1.800
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.0
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.400
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.500
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.600
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.700
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.800
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.0.900
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.100
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.200
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.300
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.400
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.500
-
cpe:2.3:a:veritas:infoscale_operations_manager:7.4.2.600
-
cpe:2.3:a:veritas:infoscale_operations_manager:8.0.0
-
cpe:2.3:a:veritas:infoscale_operations_manager:8.0.0.410