Remote Authentication Flaw in NetIQ Access Manager Exposes Service-Account Passwords
CVE-2014-5215

Currently unrated

Key Information:

Vendor

Microfocus
Status
Access Manager
Vendor
CVE Published:
23 December 2014

What is CVE-2014-5215?

The vulnerability identified in NetIQ Access Manager prior to version 4.0.1 HF3 allows remote authenticated administrators to access sensitive service-account passwords. This security flaw can be exploited by sending crafted requests to specific JSP endpoints, revealing critical administrative information that should be secured against unauthorized access. Organizations using this product should prioritize upgrading to the patched version to minimize the risk of credential exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2014/Dec/78
mailing-listx_refsource_FULLDISC
https://www.novell.com/support/kb/doc.php?id=7015995
x_refsource_CONFIRM
https://www.sec-consult.com/fxdata/seccons/prod/temedia/a...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.