Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.
References
Configurations
History
21 Nov 2024, 04:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm - |
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm - |
Information
Published : 2018-06-21 19:29
Updated : 2024-11-21 04:12
NVD link : CVE-2018-7679
Mitre link : CVE-2018-7679
CVE.ORG link : CVE-2018-7679
JSON object : View
Products Affected
microfocus
- solutions_business_manager
CWE
CWE-20
Improper Input Validation