CVE-2018-12468

Summary

A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In certain circumstances this could result in remote code execution.

Affected Software

VendorProductVersion RangeStatus
Micro FocusGroupWise2018 < 18.0.2affected

Weaknesses

  • Arbitrary file upload potentially leading to remote code execution.

ADP Enrichment

CVE Program Container

Additional References

References