Lucene search

K
cve[email protected]CVE-2014-0602
HistoryJul 07, 2014 - 11:01 a.m.

CVE-2014-0602

2014-07-0711:01:28
CWE-94
web.nvd.nist.gov
17
cve-2014-0602
directory traversal
netiq security manager
activex control
remote code execution
vulnerability

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.274 Low

EPSS

Percentile

96.8%

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in NetIQ Security Manager through 6.5.4 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3460.

Affected configurations

NVD
Node
microfocussecurity_managerRange6.5.4

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.274 Low

EPSS

Percentile

96.8%

Related for CVE-2014-0602