Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fix for NetIQ shell code upload
Vulnerability Description
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Micro Focus NetIQ eDirectory PKI插件安全漏洞
Vulnerability Description
Micro Focus NetIQ eDirectory是英国Micro Focus公司的一套结合了身份管理架构和目录服务技术的身份管理基础平台。该平台提供认证策略、数据备份和恢复服务、数据容灾等功能。PKI plugin是其中的一个PKI(公钥基础设施)插件。 Micro Focus NetIQ eDirectory PKI插件8.8.8 Patch 10 Hotfix 1之前版本中的证书上传功能存在安全漏洞。攻击者可利用该漏洞在iManager服务器上执行JSP小应用程序。
CVSS Information
N/A
Vulnerability Type
N/A