CVE-2016-1598
5.4MEDIUM
Key Information
- Vendor
- Novell
- Status
- NetIQ IDM 4.5 Identity Applications before 4.5.4
- Vendor
- CVE Published:
- 27 October 2016
Summary
XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
Affected Version(s)
NetIQ IDM 4.5 Identity Applications before 4.5.4 = NetIQ IDM 4.5 Identity Applications before 4.5.4
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database