Lucene search
PRIOn knowledge basePRION:CVE-2018-12465HistoryJun 29, 2018 - 4:29 p.m.
Command injection
2018-06-2916:29:00
PRIOn knowledge base
www.prio-n.com
1
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5).
| CPE | Name | Operator | Version |
|---|---|---|---|
| secure_messaging_gateway | lt | 471 |
Related
packetstorm
packetstorm
MicroFocus Secure Messaging Gateway Remote Code Execution
2018-07-31 00:00:00
nvd
nvd
CVE-2018-12465
2018-06-29 16:29:00
CVE-2018-12464
2018-06-29 16:29:00
cve
cve
CVE-2018-12464
2018-06-29 16:29:00
CVE-2018-12465
2018-06-29 16:29:00
cvelist
cvelist
prion
prion
Sql injection
2018-06-29 16:29:00
zdt
zdt
MicroFocus Secure Messaging Gateway Remote Code Execution Exploit
2018-07-31 00:00:00
checkpoint_advisories
checkpoint_advisories
Micro Focus Secure Messaging Gateway SQL Injection (CVE-2018-12464)
2018-11-28 00:00:00