CVE-2019-3474

Summary

A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

Affected Software

VendorProductVersion RangeStatus
Micro FocusFilr3 < 3.0 Security Update 6affected

Weaknesses

  • CWE-22: Path traversal [CWE-22]

ADP Enrichment

CVE Program Container

Additional References

References