CVE-2018-12469: Null Pointer Dereference
First published: Thu Oct 04 2018(Updated: )
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2 causes a null pointer dereference (CWE-476) and subsequent denial of service due to process termination.
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microfocus Enterprise Developer | <=2.3 | |
| Microfocus Enterprise Developer | =2.3-update1 | |
| Microfocus Enterprise Developer | =2.3-update2 | |
| Microfocus Enterprise Developer | =3.0 | |
| Microfocus Enterprise Developer | =4.0 | |
| Microfocus Enterprise Developer | =4.0-update1 | |
| Microfocus Enterprise Server | <=2.3 | |
| Microfocus Enterprise Server | =2.3-update1 | |
| Microfocus Enterprise Server | =2.3-update2 | |
| Microfocus Enterprise Server | =3.0 | |
| Microfocus Enterprise Server | =4.0 | |
| Microfocus Enterprise Server | =4.0-update1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-12469?
CVE-2018-12469 is a vulnerability that occurs due to incorrect handling of an invalid value for an HTTP request parameter by the Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server.
What is the severity level of CVE-2018-12469?
CVE-2018-12469 has a severity level of 7.5 (High).
Which software versions are affected by CVE-2018-12469?
The following versions of Micro Focus Enterprise Developer and Enterprise Server are affected by CVE-2018-12469: 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2.
How can I fix CVE-2018-12469?
To fix CVE-2018-12469, it is recommended to apply the necessary security patches provided by Micro Focus Enterprise Developer and Enterprise Server. Please refer to the official Micro Focus Community website for more information.
Where can I find more information about CVE-2018-12469?
You can find more information about CVE-2018-12469 on the official Micro Focus Community website. Please refer to the provided reference link.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/microfocus
- canonical/microfocus enterprise developer
- version/microfocus enterprise developer/2.3
- version/microfocus enterprise developer/2.3-update1
- version/microfocus enterprise developer/2.3-update2
- version/microfocus enterprise developer/3.0
- version/microfocus enterprise developer/4.0
- version/microfocus enterprise developer/4.0-update1
- canonical/microfocus enterprise server
- version/microfocus enterprise server/2.3
- version/microfocus enterprise server/2.3-update1
- version/microfocus enterprise server/2.3-update2
- version/microfocus enterprise server/3.0
- version/microfocus enterprise server/4.0
- version/microfocus enterprise server/4.0-update1