漏洞标题
N/A
漏洞描述信息
在微積克主機場景智能網站(MSS)和網站回顧(RWeb)以及回顧安全基礎(RSG)和回顧ZFE(ZFE)的行政伺服器允许远程未經授權的攻擊者通過特殊的URL來讀取任意文件。適用於MSS 12.3在12.3.326之前、MSS 12.2在12.2.342之前、RSG 12.1在12.1.362之前、RWeb 12.3在12.3.312之前、RWeb 12.2在12.2.342之前、RWeb 12.1在12.1.362之前、ZFE 2.0.1在2.0.1.18之前、ZFE 2.0.0在2.0.0.52之前、ZFE 1.4.0在1.4.0.14之前。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory traversal. Applies to MSS 12.3 before 12.3.326 and MSS 12.2 before 12.2.342 and RSG 12.1 before 12.1.362 and RWeb 12.3 before 12.3.312 and RWeb 12.2 before 12.2.342 and RWeb 12.1 before 12.1.362 and ZFE 2.0.1 before 2.0.1.18 and ZFE 2.0.0 before 2.0.0.52 and ZFE 1.4.0 before 1.4.0.14.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款Micro Focus产品信息泄露漏洞
漏洞描述信息
Micro Focus Host Access Management and Security Server(MSS,前称Attachmate Host Access Management and Security Server)等都是英国Micro Focus公司的产品。MSS是一款提供访问管理和安全的服务器;Reflection for the Web(RWeb,全称Attachmate Reflection for the Web)是一套终端仿真软件。 Micro Focus Host Access
CVSS信息
N/A
漏洞类别
信息泄露