CVE-2018-1342
CRITICALNetIQ Access Manager 4.3-4.4 - Unrestricted File Upload to Admin Console
Title source: llmDescription
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.novell.com/support/kb/doc.php?id=7022444
Scores
CVSS v3
9.8
EPSS
0.0119
EPSS Percentile
64.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
Status
published
Products (2)
netiq/access_manager
4.3
netiq/access_manager
4.4
Published
Jan 26, 2018
Tracked Since
Feb 18, 2026