RSS   Vulnerabilities for 'Reflection for the web'   RSS

2016-11-29
 
CVE-2016-5765

 

 
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory traversal. Applies to MSS 12.3 before 12.3.326 and MSS 12.2 before 12.2.342 and RSG 12.1 before 12.1.362 and RWeb 12.3 before 12.3.312 and RWeb 12.2 before 12.2.342 and RWeb 12.1 before 12.1.362 and ZFE 2.0.1 before 2.0.1.18 and ZFE 2.0.0 before 2.0.0.52 and ZFE 1.4.0 before 1.4.0.14.

 

 >>> Vendor: Microfocus 51 Products
Cobol
Visibroker
Rumba
Rumba ftp
Host access management and security server
Reflection for the web
Reflection security gateway
Reflection zfe
Enterprise server monitor and control
Enterprise server
Enterprise developer
Directory server
Bi-directional driver
Connected backup
Project and portfolio management
Operations manager i
Fortify audit workbench
Fortify software security center
Universal cmdb foundation software
Ucmdb configuration manager
Project and portfolio management center
Cms server
Universal cmdb
Universal cmdb browser
Client
Arcsight enterprise security manager
Data center automation
Hybrid cloud management
Network operations management
Operations bridge
Service management automation
Network virtualization
Service virtualization
Unified functional testing
Netware
Access manager
Service manager
Real user monitoring
Edirectory
FILR
Data protector
Netiq edirectory
Solutions business manager
Content manager
Network automation
Open enterprise server
Identity manager
Netiq self service password reset
Verastream host integrato
Service manager chat server
Service manager chat service


Copyright 2019, cxsecurity.com

 

Back to Top