What is CVE-2017-5182?

CVE-2017-5182 is a high-severity vulnerability in Micro Focus International Open Enterprise Server, classified under Path Traversal. CVSS score: 7.5/10. Published 2017-01-23.

How severe is CVE-2017-5182?

High severity. CVSS v3 base score is 7.5 out of 10.

Path Traversal in Micro Focus International Open Enterprise Server

CVE-2017-5182

Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability i…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.031 (86.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Micro Focus International Open Enterprise Server — versions All
Novell Open_enterprise_server — versions 2.0, 2015, 11.0

Weakness classification (CWE)

References

security@opentext.com (x_refsource_CONFIRM)
security@opentext.com (vdb-entry, x_refsource_SECTRACK)
security@opentext.com (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2017-5182?: CVE-2017-5182 is a high-severity vulnerability in Micro Focus International Open Enterprise Server, classified under Path Traversal. CVSS score: 7.5/10. Published 2017-01-23.
How severe is CVE-2017-5182?: High severity. CVSS v3 base score is 7.5 out of 10.