An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.
References
Configurations
History
21 Nov 2024, 04:42
Type | Values Removed | Values Added |
---|---|---|
References | () https://softwaresupport.softwaregrp.com/doc/KM03359911 - |
07 Nov 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://softwaresupport.softwaregrp.com/doc/KM03359911 - |
Information
Published : 2019-04-01 20:29
Updated : 2024-11-21 04:42
NVD link : CVE-2019-3489
Mitre link : CVE-2019-3489
CVE.ORG link : CVE-2019-3489
JSON object : View
Products Affected
microfocus
- content_manager
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type