CVE-2020-11451

The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. (This is also exploitable via SSRF). Note: The ability to upload visualization plugins requires administrator privileges.
Configurations

Configuration 1 (hide)

cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-04-02 15:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-11451

Mitre link : CVE-2020-11451

CVE.ORG link : CVE-2020-11451


JSON object : View

Products Affected

microstrategy

  • microstrategy_web
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type