CVE-2017-9279
NetIQ Identity Manager allowed uploading of user icons with incorrect types or extensions
NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Productos afectados
NetIQ · Identity Manager¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →