CVE-2017-7432

Severity

75%

Complexity

99%

Confidentiality

106%

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.

CVSS 3.0 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 7 years ago

2017-05-03 05:59:00

Last updated 5 years ago

2019-10-03 00:03:00

Affected Software

Novell iManager 2.7

2.7

Novell iManager 2.7 Service Pack 4

2.7

Novell iManager 2.7 Service Pack 4 Patch 1

2.7

Novell iManager 2.7 Service Pack 4 Patch 2

2.7

Novell iManager 2.7 Service Pack 4 Patch 3

2.7

Novell iManager 2.7 Service Pack 4 Patch 4

2.7

Novell iManager 2.7 Service Pack 5

2.7

Novell iManager 2.7 Service Pack 6

2.7

References

https://bugzilla.novell.com/show_bug.cgi?id=1027619

Permissions Required

https://dl.netiq.com/Download?buildid=24FxpmqdThE~

Release Notes, Vendor Advisory

https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~

Release Notes, Vendor Advisory

https://www.netiq.com/support/kb/doc.php?id=7016795

Release Notes, Vendor Advisory

https://www.novell.com/support/kb/doc.php?id=7010166

Release Notes, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.