The certificate upload in NetIQ eDirectory PKI plugin prior to 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated malicious users to execute JSP applets on the iManager server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netiq edirectory 8.8.8 |
||
microfocus edirectory |