CVE-2018-7679

Summary

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

Affected Software

VendorProductVersion RangeStatus
Micro FocusSolutions Business Manager 11.4Solutions Business Manager 11.4 prior to 11.4affected

Weaknesses

  • Client-side remote code execution

ADP Enrichment

CVE Program Container

Additional References

References