Access to Sensitive Information Compromised by Path Traversal Vulnerability in OpenText NetIQ Access Manager

CVE-2024-4556

7.5HIGH

Key Information

Vendor: Opentext
Status: Netiq Access Manager
Vendor: CVE Published:; 28 August 2024

Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.

Affected Version(s)

NetIQ Access Manager < 5.0.4.1

NetIQ Access Manager < 5.1

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 28, 2024
Vulnerability Reserved.
May 6, 2024

Collectors

NVD DatabaseMitre Database