Severity
7.8HIGH
EPSS
2.9%
top 13.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 1
Latest updateMay 1
Description
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference.
CVSS vector
AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9