CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at HiveManager/tomcat/webapps/hm/domains/$yourtenant/maps (it will be exposed at the web interface).
References
Link Resource
https://github.com/theguly/CVE-2017-14105 Exploit Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:aerohive:hivemanager_classic:8.0r1:*:*:*:*:*:*:*
cpe:2.3:a:aerohive:hivemanager_classic:8.1r1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-09-01 17:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-14105

Mitre link : CVE-2017-14105

CVE.ORG link : CVE-2017-14105


JSON object : View

Products Affected

aerohive

  • hivemanager_classic
CWE
CWE-20

Improper Input Validation