How severe is CVE-2017-7420?

CVE-2017-7420 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2017-7420

Name: enterprise_server
Author: microfocus

9.8CRITICAL

An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hot

发布于: 8/21/2017更新于: 4/20/2025

描述

An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275).

AI分析AI驱动

受影响产品

microfocusenterprise_developer

2.3

microfocusenterprise_developer

2.3

microfocusenterprise_developer

2.3

microfocusenterprise_server

2.3

microfocusenterprise_server

2.3

microfocusenterprise_server_monitor_and_control

参考资料

https://community.microfocus.com/microfocus/mainframe_solutions/enterprise_server/w/knowledge_base/29131/enterprise-server-security-fixes-july-2017
https://community.microfocus.com/microfocus/mainframe_solutions/enterprise_server/w/knowledge_base/29131/enterprise-server-security-fixes-july-2017