Potential for User Account Impersonation Through Improper Privilege Management
CVE-2024-4555

7.5HIGH

Key Information:

Vendor: Opentext
Status: Netiq Access Manager
Vendor: CVE Published:; 28 August 2024

Summary

A vulnerability exists within OpenText NetIQ Access Manager which allows for improper privilege management, enabling user account impersonation under certain conditions. This vulnerability affects versions of NetIQ Access Manager prior to 5.0.4.1 and 5.1. Organizations using these versions are advised to assess their systems for potential exposure and apply the necessary patches to mitigate the risks associated with this security flaw.

Affected Version(s)

NetIQ Access Manager Linux 5.0.4.1

NetIQ Access Manager Linux 5.1

References

https://www.microfocus.com/documentation/access-manager/5...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 28, 2024
Vulnerability Reserved
May 6, 2024