Lucene search

K
cve[email protected]CVE-2014-0602
HistoryJul 07, 2014 - 11:01 a.m.

CVE-2014-0602

2014-07-0711:01:28
CWE-94
web.nvd.nist.gov
17
cve-2014-0602
directory traversal
netiq security manager
activex control
remote code execution
vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.274 Low

EPSS

Percentile

96.8%

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in NetIQ Security Manager through 6.5.4 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3460.

Affected configurations

NVD
Node
microfocussecurity_managerRange6.5.4

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.274 Low

EPSS

Percentile

96.8%

Related for CVE-2014-0602