Command injection exploit in the legacy UI php code

SUMMARY

A command injection exploit in the legacy UI php code was resolved in version 9.2

ISSUE

A command injection exploit in the legacy UI .php code was resolved in version 9.2. 

RESOLUTION

To resolve this issue, upgrade your appliance to version 9.2. 

CAUSE

This exploit was caused by two factors: 

  1. A lack of authorization check on the update functionality.
  2. Improperly filtered input used as a command line parameter to yum.  

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us