CVE-2018-1342: Malicious File Upload
First published: Fri Jan 26 2018(Updated: )
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Micro Focus NetIQ Access Manager | =4.3 | |
| Micro Focus NetIQ Access Manager | =4.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-1342?
CVE-2018-1342 is considered a critical vulnerability due to the potential for remote file upload and execution on vulnerable servers.
How do I fix CVE-2018-1342?
To fix CVE-2018-1342, upgrade to the latest version of NetIQ Access Manager which addresses this vulnerability.
What versions of NetIQ Access Manager are affected by CVE-2018-1342?
CVE-2018-1342 affects NetIQ Access Manager versions 4.3 and 4.4.
What type of attack does CVE-2018-1342 allow?
CVE-2018-1342 allows an attacker to upload files and potentially execute them on the Admin Console server.
Is there a workaround for CVE-2018-1342?
There are no documented workarounds for CVE-2018-1342; upgrading is the recommended mitigation.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netiq
- canonical/micro focus netiq access manager
- version/micro focus netiq access manager/4.3
- version/micro focus netiq access manager/4.4