Arbitrary File Read/Write Vulnerability in Novell GroupWise 2014 Administration Service

Arbitrary File Read/Write Vulnerability in Novell GroupWise 2014 Administration Service

CVE-2014-0600 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

Learn more about our Cis Benchmark Audit For Ibm I.