Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2017-7429

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

Published: Mar 2, 2018
Updated: Nov 9, 2025
CVE: CVE-2017-7429
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
netiq / edirectory	8.8.8-patch10	8.8.8-patch10.x
netiq / edirectory	8.8.8-patch9	8.8.8-patch9.x
netiq / edirectory	8.8.8-patch8	8.8.8-patch8.x
netiq / edirectory	8.8.8-patch7	8.8.8-patch7.x
netiq / edirectory	8.8.8-patch6	8.8.8-patch6.x
netiq / edirectory	8.8.8-patch5	8.8.8-patch5.x
microfocus / edirectory	-	8.8.8.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo