cvedb.io
CVE-2017-7421
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2017-08-21T15:29:00.263 · Last modified 2026-06-17T01:24:19.167

Summary

Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features.

Affected products

microfocus — directory_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when microfocus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.