Lucene search

[email protected]NVD:CVE-2017-7431

HistoryMay 03, 2017 - 5:59 a.m.

CVE-2017-7431

2017-05-0305:59:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

55.3%

JSON

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.

Affected configurations

Nvd

Node

novellimanagerMatch2.7

novellimanagerMatch2.7sp1

novellimanagerMatch2.7sp2

novellimanagerMatch2.7sp3

novellimanagerMatch2.7sp4

novellimanagerMatch2.7sp4_patch1

novellimanagerMatch2.7sp4_patch2

novellimanagerMatch2.7sp4_patch3

novellimanagerMatch2.7sp4_patch4

novellimanagerMatch2.7sp5

novellimanagerMatch2.7sp6

novellimanagerMatch2.7sp7

novellimanagerMatch2.7sp7_patch_1

novellimanagerMatch2.7sp7_patch_10

novellimanagerMatch2.7sp7_patch_2

novellimanagerMatch2.7sp7_patch_3

novellimanagerMatch2.7sp7_patch_4

novellimanagerMatch2.7sp7_patch_5

novellimanagerMatch2.7sp7_patch_6

novellimanagerMatch2.7sp7_patch_7

novellimanagerMatch2.7sp7_patch_8

novellimanagerMatch2.7sp7_patch_9

Node

netiqimanagerMatch3.0

netiqimanagerMatch3.0.1

netiqimanagerMatch3.0.2

netiqimanagerMatch3.0.2.1

netiqimanagerMatch3.0.3

netiqimanagerMatch3.0.3.1

VendorProductVersionCPE
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp1:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp2:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp3:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp4:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp4_patch1:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp4_patch2:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp4_patch3:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp4_patch4:*:*:*:*:*:*
novellimanager2.7cpe:2.3:a:novell:imanager:2.7:sp5:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:::::::*
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp1::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp2::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp3::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp4::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp4_patch1::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp4_patch2::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp4_patch3::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp4_patch4::::::
novell	imanager	2.7	cpe:2.3:a:novell:imanager:2.7:sp5::::::

Rows per page:

1-10 of 281

References

bugzilla.novell.com/show_bug.cgi?id=1024963

bugzilla.novell.com/show_bug.cgi?id=1030692

dl.netiq.com/Download?buildid=24FxpmqdThE~

dl.netiq.com/Download?buildid=wpS1UqIlx-o~

www.netiq.com/support/kb/doc.php?id=7016795

www.novell.com/support/kb/doc.php?id=7010166

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

55.3%

JSON

Related for NVD:CVE-2017-7431

cvelist1 cve1 prion1