CVE-2018-12468
9.1
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In certain circumstances this could result in remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Micro Focus | GroupWise | 2018 < 18.0.2 | affected |
Weaknesses
- Arbitrary file upload potentially leading to remote code execution.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.