Описание
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
Уязвимые конфигурации
Конфигурация 1Версия до 6.3 (исключая)
Одно из
cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
5.1 Medium
CVSS3
7.2 High
CVSS3
Дефекты
CWE-77
CWE-77
Связанные уязвимости
CVSS3: 5.1
github
больше 1 года назад
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
EPSS
Процентиль: 35%
0.00146
Низкий
5.1 Medium
CVSS3
7.2 High
CVSS3
Дефекты
CWE-77
CWE-77