Описание
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microfocus:sentinel:-:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:sentinel_agent_manager:-:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01432
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.
EPSS
Процентиль: 80%
0.01432
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22