CVE-2017-5187

CVE-2017-5187

A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter (CWE-275) configuration information and inject OS commands (CWE-78) via forged requests.

Source: CVE-2017-5187

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다