Lucene search

K
cvelistMicrofocusCVELIST:CVE-2016-5749
HistoryMar 23, 2017 - 6:36 a.m.

CVE-2016-5749

2017-03-2306:36:00
microfocus
www.cve.org
2

EPSS

0.001

Percentile

17.3%

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack.

CNA Affected

[
  {
    "product": "NetIQ Access Manager",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "NetIQ Access Manager"
      }
    ]
  }
]

EPSS

0.001

Percentile

17.3%

Related for CVELIST:CVE-2016-5749