PT-2014-3701 · Netiq · Netiq Security Manager

Published

2014-07-07

Updated

2021-04-13

CVE-2014-0602

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions NetIQ Security Manager versions prior to 6.5.5

Description A directory traversal issue exists in the DumpToFile method of the NQMcsVarSet ActiveX control. This allows remote attackers to execute arbitrary code.

Recommendations For versions prior to 6.5.5, update to version 6.5.5 or later to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2014-0602

Affected Products

Netiq Security Manager

PT-2014-3701 · Netiq · Netiq Security Manager

CVE-2014-0602

Weakness Enumeration

Related Identifiers

Affected Products

References · 2