Novell.Forum.Unspecified.Remote.Tcl.Code.Execution

description-logoDescription

This indicates a possible exploit of a remote command-execution vulnerability in Novell SiteScape Forum software.
A vulnerability has been reported in SiteScape Forum that may allow an attacker to execute TCL commands on a vulnerable system. An attacker may include TCL commands by supplying an injection string through the URL.

affected-products-logoAffected Products

Novell Forum (formerly SiteScape Forum) 7.x
Novell Forum (formerly SiteScape Forum) 8.x

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary TCL commands.

recomended-action-logoRecommended Actions

Apply the patch, available from the following web site:
http://download.novell.com/Download?buildid=6k-5X-UPnrM~

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995