CVE-2014-8678

Currently unrated

Key Information:

Vendor: Manageengine
Status: Oputils
Vendor: CVE Published:; 25 November 2014

Summary

The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."

References

http://www.zerodayinitiative.com/advisories/ZDI-14-386/

x_refsource_MISC

EPSS Score

36% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 25, 2014
Vulnerability Reserved
Nov 7, 2014

Collectors

NVD DatabaseMitre Database