Lucene search
HistoryAug 29, 2014 - 10:00 a.m.
CVE-2014-0600
novell groupwise
administration service
fileuploadservlet
cve-2014-0600
zdi-can-2287
nvd
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.728 High
EPSS
Percentile
98.1%
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
Affected configurations
Node
novellgroupwiseMatch2014
| CPE | Name | Operator | Version |
|---|---|---|---|
| novell:groupwise | novell groupwise | eq | 2014 |
Related
zdi
zdi
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2014-0600
2014-08-29 09:55:07
openvas
openvas
Novell Groupwise 2014 < 2014 SP1 File Access Vulnerability - Active Check
2014-09-03 00:00:00
cvelist
cvelist
CVE-2014-0600
2014-08-29 10:00:00
prion
prion
Code injection
2014-08-29 09:55:00
nessus
nessus
Novell GroupWise 'FileUploadServlet' Arbitrary File Access Vulnerability
2014-09-02 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.728 High
EPSS
Percentile
98.1%
Related for CVE-2014-0600