Authorization Check Flaw in eDirectory by NetIQ
CVE-2018-17950

7.5HIGH

Key Information:

Vendor: Micro Focus
Status: Netiq Edirectory 9.1 Sp2
Vendor: CVE Published:; 12 December 2018

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2018-17950?

A vulnerability exists in eDirectory due to incorrect enforcement of authorization checks. This flaw can allow unauthorized users to access restricted functionalities, potentially leading to unintended operations within the system. Organizations using impacted versions should prioritize updating to eDirectory 9.1 SP2 or later to mitigate this risk and enhance the security posture of their deployments.

Affected Version(s)

NetIQ eDirectory 9.1 SP2 All versions prior to version 9.1 SP2

References

https://www.netiq.com/documentation/edirectory-91/edirect...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
Oct 3, 2018