Unauthorized Access to Information via NetIQ Access Manager
CVE-2020-11843

6.5MEDIUM

Key Information:

Vendor: Opentext
Status: Netiq Access Manager
Vendor: CVE Published:; 11 June 2024

Summary

The vulnerability in NetIQ Access Manager affects versions 4.5 and earlier, exposing sensitive information to unauthorized users. This issue arises from the improper handling of access control, allowing attackers to gain unpermitted access to confidential data. Organizations employing affected versions should consider reviewing their configurations and applying necessary patches to mitigate risks associated with this exposure.

Affected Version(s)

NetIQ Access Manager Windows 4.5

References

https://www.netiq.com/documentation/access-manager-45/acc...

https://www.netiq.com/documentation/access-manager-44/acc...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 11, 2024
Vulnerability Reserved
Apr 16, 2020