Path Traversal in Microfocus Privileged_user_manager

CVE-2012-5931

Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory tr…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.073 (93.5th percentile) — read the EPSS interpretation.

Affected products

Microfocus Privileged_user_manager — versions 2.3.0, 2.3.1
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)