An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.
References
Link | Resource |
---|---|
https://softwaresupport.softwaregrp.com/doc/KM03359911 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microfocus
Published: 2019-04-01T19:12:43
Updated: 2021-01-06T16:16:01
Reserved: 2018-12-31T00:00:00
Link: CVE-2019-3489
JSON object: View
NVD Information
Status : Modified
Published: 2019-04-01T20:29:00.800
Modified: 2023-11-07T03:09:52.673
Link: CVE-2019-3489
JSON object: View
Redhat Information
No data.
CWE