CVE-2014-3460: Path Traversal
First published: Tue May 20 2014(Updated: )
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Micro Focus Sentinel | ||
| Micro Focus Sentinel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3460?
CVE-2014-3460 is considered a critical severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2014-3460?
To fix CVE-2014-3460, update to the latest version of Microfocus Sentinel and Sentinel Agent Manager that contains the security patches.
What type of vulnerability is CVE-2014-3460?
CVE-2014-3460 is a directory traversal vulnerability that allows attackers to create arbitrary files.
Who is affected by CVE-2014-3460?
Users of Microfocus Sentinel and Microfocus Sentinel Agent Manager are affected by CVE-2014-3460.
Can CVE-2014-3460 be exploited remotely?
Yes, CVE-2014-3460 can be exploited remotely by attackers to execute arbitrary code.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microfocus
- canonical/micro focus sentinel