ГлавнаяУязвимости → CVE-2024-3486
7.8высокая

CVE-2024-3486

Описание

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution.

Затрагиваемое ПО
Microfocus Imanager
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.htmlhttps://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html