What is CVE-2018-1342?

CVE-2018-1342 is a critical-severity vulnerability in Micro Focus Netiq Access Manager, Administrative Console, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 9.8/10. Published 2018-01-26.

How severe is CVE-2018-1342?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Arbitrary file upload in Micro Focus Netiq Access Manager, Administrative Console

CVE-2018-1342

A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.

Vulnerability class: Unrestricted File Upload

EPSS: 0.012 (64.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Micro Focus Netiq Access Manager, Administrative Console — versions 4.3, 4.4
Netiq Access_manager — versions 4.3, 4.4

Weakness classification (CWE)

CWE-434 — Unrestricted Upload of File with Dangerous Type

References

security@opentext.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2018-1342?: CVE-2018-1342 is a critical-severity vulnerability in Micro Focus Netiq Access Manager, Administrative Console, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 9.8/10. Published 2018-01-26.
How severe is CVE-2018-1342?: Critical severity. CVSS v3 base score is 9.8 out of 10.