CVE-2017-7420

An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275).

Published : 2017-08-21 15:29 Updated : 2019-10-09 23:29

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Microfocus Enterprise Server Monitor And Control - cpe:/a:microfocus:enterprise_server_monitor_and_control:-
Microfocus Enterprise Server 2.3 cpe:/a:microfocus:enterprise_server:2.3:update2
Microfocus Enterprise Server 2.3 cpe:/a:microfocus:enterprise_server:2.3:update1
Microfocus Enterprise Server 2.3 cpe:/a:microfocus:enterprise_server:2.3
Microfocus Enterprise Developer 2.3 cpe:/a:microfocus:enterprise_developer:2.3:update2
Microfocus Enterprise Developer 2.3 cpe:/a:microfocus:enterprise_developer:2.3:update1
Microfocus Enterprise Developer 2.3 cpe:/a:microfocus:enterprise_developer:2.3
  1. Microfocus (3) Search CVE
    1. Enterprise Server Monitor And Control (1) Search CVE
      1. -
    2. Enterprise Developer (1) Search CVE
      1. 2.3
    3. Enterprise Server (1) Search CVE
      1. 2.3

CWE

ID Name Description Links
CWE-287 Improper Authentication When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. CVE

History of changes

Date Event
2019-10-03 00:03
2017-08-28 16:26
2017-08-21 15:29

New CVE