A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is configured. Note esfadmingui is not enabled by default.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: microfocus

Published: 2017-08-21T15:00:00Z

Updated: 2024-09-16T20:36:27.999Z

Reserved: 2017-04-05T00:00:00

Link: CVE-2017-7424

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-08-21T15:29:00.357

Modified: 2023-11-07T02:50:05.267

Link: CVE-2017-7424

cve-icon Redhat

No data.