CVE-2017-9279

CVSS 2.0 - LOW

Description

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.

Affected Products

1

Vendor	Product	Version
netiq	identity_manager	`All versions`

References

https://bugzilla.suse.com/show_bug.cgi?id=1049129

https://download.novell.com/Download?buildid=K7lbP...

https://bugzilla.suse.com/show_bug.cgi?id=1049129

https://download.novell.com/Download?buildid=K7lbP...

Weakness Types

CWE-434 CWE-20

CVE Information

CVE ID:: CVE-2017-9279
Published:: 2018-03-02
Modified:: 2024-11-21
CVSS Score:: 2.0
Severity:: LOW
Vector:: CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Affected Vendors

netiq

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL