cvedb.io
CVE-2019-3489
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2019-04-01T20:29:00.800 · Last modified 2026-06-17T02:35:11.827

Summary

An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.

Affected products

microfocus — content_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when microfocus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.