Access Manager@4.3 Security Vulnerabilities and Issues — Access Manager@4.3 CVE List

Lucene search

NetiqAccess Manager4.3

2 matches found

CVE•added 2017/04/20 6:59 p.m.•33 views

CVE-2017-5183

NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document.

6.1CVSS6AI score0.0024EPSS

CVE•added 2017/04/24 6:59 p.m.•32 views

CVE-2017-5191

An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 and 4.3 exists because Access Gateway Error pages do not validate the HTTP Referer header.

6.1CVSS5.9AI score0.0024EPSS