Access Control Issue in Broadcom Identity Manager Management Console
CVE-2022-25626
5.3MEDIUM
Key Information:
- Vendor
Broadcom
- Vendor
- CVE Published:
- 16 December 2022
What is CVE-2022-25626?
An access control vulnerability in Broadcom Identity Manager allows unauthenticated users to view specific management console page URLs. While users can access these pages, they cannot perform server-side tasks without establishing a valid web session. This limitation highlights the importance of session validation to mitigate unauthorized access risks.
Affected Version(s)
Symantec Identity Governance and Administration 14.3, 14.4