Lucene search

[email protected]NVD:CVE-2020-11843

HistoryJun 11, 2024 - 8:15 a.m.

CVE-2020-11843

2024-06-1108:15:48

CWE-200

[email protected]

web.nvd.nist.gov

cve-2020-11843

netiq access manager

version 4.5

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before

Affected configurations

Nvd

Node

netiqaccess_managerRange<4.4

netiqaccess_managerMatch4.4-

netiqaccess_managerMatch4.4hotfix1

netiqaccess_managerMatch4.4sp1

netiqaccess_managerMatch4.4sp2

netiqaccess_managerMatch4.4sp3

netiqaccess_managerMatch4.4sp4

netiqaccess_managerMatch4.5-

netiqaccess_managerMatch4.5sp1

netiqaccess_managerMatch4.5sp2

VendorProductVersionCPE
netiqaccess_manager*cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:-:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:hotfix1:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:sp1:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:sp2:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:sp3:*:*:*:*:*:*
netiqaccess_manager4.4cpe:2.3:a:netiq:access_manager:4.4:sp4:*:*:*:*:*:*
netiqaccess_manager4.5cpe:2.3:a:netiq:access_manager:4.5:-:*:*:*:*:*:*
netiqaccess_manager4.5cpe:2.3:a:netiq:access_manager:4.5:sp1:*:*:*:*:*:*
netiqaccess_manager4.5cpe:2.3:a:netiq:access_manager:4.5:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
netiq	access_manager	*	cpe:2.3:a:netiq:access_manager::::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:-::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:hotfix1::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:sp1::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:sp2::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:sp3::::::
netiq	access_manager	4.4	cpe:2.3:a:netiq:access_manager:4.4:sp4::::::
netiq	access_manager	4.5	cpe:2.3:a:netiq:access_manager:4.5:-::::::
netiq	access_manager	4.5	cpe:2.3:a:netiq:access_manager:4.5:sp1::::::
netiq	access_manager	4.5	cpe:2.3:a:netiq:access_manager:4.5:sp2::::::

References

www.netiq.com/documentation/access-manager-44/accessmanager444-hf3-release-notes/data/accessmanager444-hf3-release-notes.html

www.netiq.com/documentation/access-manager-45/accessmanager452-hf1-release-notes/data/accessmanager452-hf1-release-notes.html

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

Related for NVD:CVE-2020-11843

cve1 cvelist1 vulnrichment1