Lucene search
OpenTextCVE-2024-4555HistoryAug 28, 2024 - 7:15 a.m.
CVE-2024-4555
2024-08-2807:15:09
CWE-269
OpenText
web.nvd.nist.gov
30
opentext
netiq
access manager
privilege management
vulnerability
user account impersonation
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
0.001
Percentile
18.6%
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario.Β This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
Affected configurations
Node
microfocusnetiq_access_managerRange<5.0.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microfocus | netiq_access_manager | * | cpe:2.3:a:microfocus:netiq_access_manager:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "NetIQ Access Manager",
"vendor": "OpenText",
"versions": [
{
"lessThan": "<",
"status": "affected",
"version": "5.0.4.1",
"versionType": "server"
},
{
"lessThan": "<",
"status": "affected",
"version": "5.1",
"versionType": "server"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-4555 User impersonation with MFA when configure in specific way
2024-08-28 06:27:21
nvd
nvd
CVE-2024-4555
2024-08-28 07:15:09
cvelist
cvelist
CVE-2024-4555 User impersonation with MFA when configure in specific way
2024-08-28 06:27:21
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
0.001
Percentile
18.6%
Related for CVE-2024-4555