How severe is CVE-2017-7420?

CVE-2017-7420 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2017-7420

Name: enterprise_server
Author: microfocus

9.8CRITICAL

An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hot

Publicado: 8/21/2017Actualizado: 4/20/2025

Descripción

An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275).

Análisis IAImpulsado por IA

Productos Afectados

microfocusenterprise_developer

2.3

microfocusenterprise_developer

2.3

microfocusenterprise_developer

2.3

microfocusenterprise_server

2.3

microfocusenterprise_server

2.3

microfocusenterprise_server_monitor_and_control

Referencias

https://community.microfocus.com/microfocus/mainframe_solutions/enterprise_server/w/knowledge_base/29131/enterprise-server-security-fixes-july-2017
https://community.microfocus.com/microfocus/mainframe_solutions/enterprise_server/w/knowledge_base/29131/enterprise-server-security-fixes-july-2017