The admin interface in Landesk Management Suite 9.6 and earlier allows remote attackers to conduct remote file inclusion attacks involving ASPX pages from third-party sites via the d parameter to (1) ldms/sm_actionfrm.asp or (2) remote/frm_coremainfrm.aspx; or the (3) top parameter to remote/frm_splitfrm.aspx.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-19T15:00:00
Updated: 2024-08-06T11:41:49.212Z
Reserved: 2014-08-19T00:00:00
Link: CVE-2014-5362
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-09-19T15:29:00.193
Modified: 2018-10-09T19:50:09.990
Link: CVE-2014-5362
Redhat
No data.