Vulnerability: Remote Code Execution via Certificate Upload in NetIQ eDirectory PKI Plugin

Vulnerability: Remote Code Execution via Certificate Upload in NetIQ eDirectory PKI Plugin

CVE-2017-7429 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

Learn more about our Cis Benchmark Audit For Server Software.