An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.
References
Link | Resource |
---|---|
https://softwaresupport.softwaregrp.com/doc/KM03359911 |
Configurations
History
07 Nov 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://softwaresupport.softwaregrp.com/doc/KM03359911 - |
Information
Published : 2019-04-01 20:29
Updated : 2024-02-28 17:08
NVD link : CVE-2019-3489
Mitre link : CVE-2019-3489
CVE.ORG link : CVE-2019-3489
JSON object : View
Products Affected
microfocus
- content_manager
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type