Vulnerability CVE-2018-1342

Vulnerability CVE-2018-1342

Published: 2018-01-25 Modified: 2018-01-26

Description:

A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.

Type:

CWE-434

(Unrestricted Upload of File with Dangerous Type)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Netiq -> Access manager

References:

https://www.novell.com/support/kb/doc.php?id=7022444

Copyright 2024, cxsecurity.com