HIGH🇬🇧 English

CVE-2017-7429

CVSS 8.8v3.0pub. 2018-03-02upd. 2024-11-21

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Microfocus Edirectory

    APP
    Microfocus
    ≤ 8.8.8
  • Netiq Edirectory

    APP
    Netiq
    8.8.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-22532HIGH7.6ten sam produkt

Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirect...

CVE-2021-38133HIGH7.4ten sam produkt

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This...

CVE-2018-17950HIGH7.5ten sam produkt

Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2

CVE-2018-7686HIGH7.5ten sam produkt

Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.

CVE-2017-5186HIGH7.5ten sam produkt

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 ...

CVE-2017-7429 — HIGH 8.8 | CVEbaza.pl