A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is configured. Note esfadmingui is not enabled by default.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: microfocus
Published: 2017-08-21T15:00:00Z
Updated: 2024-09-16T20:36:27.999Z
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7424
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-08-21T15:29:00.357
Modified: 2024-11-21T03:31:52.390
Link: CVE-2017-7424
Redhat
No data.