Short Name |
HTTP:MICROFOCUS-NETIQ-AB |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Micro Focus NetIQ Sentinel Server SentinelContext Authentication Bypass |
Release Date |
2016/07/26 |
Update Number |
2762 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Micro Focus NetIQ Sentinel Server. Successful exploitation allows the attacker to bypass authentication and gain access to the web application as admin user.
Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field.