CVE-2014-0602

high

Description

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in NetIQ Security Manager through 6.5.4 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3460.

References

https://www.netiq.com/support/kb/doc.php?id=7015309

Details

Source: MITRE

Published: 2014-07-07

Updated: 2021-04-13

Type: CWE-94

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH