DescriptionFileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database|
- TID7015566, published Sat May 19 21:49:02 CEST 2018