CVE-2017-7432

9.8CRITICAL

Key Information:

Vendor: Novell
Status: Novell Imanager 2.7.x Before 2.7 Sp7 Patch 10 Hf1 And Netiq Imanager 3.x Before 3.0.3.1
Vendor: CVE Published:; 3 May 2017

Summary

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.

Affected Version(s)

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1

References

https://bugzilla.novell.com/show_bug.cgi?id=1027619

x_refsource_CONFIRM

https://www.novell.com/support/kb/doc.php?id=7010166

x_refsource_CONFIRM

https://dl.netiq.com/Download?buildid=24FxpmqdThE~

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2017
Vulnerability Reserved
Apr 5, 2017

Collectors

NVD DatabaseMitre Database