OpenTextVULNRICHMENT:CVE-2024-4556CVE-2024-4556 Directory traversal vulnerability in NetIQ Access Manager
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
39.2%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Improper Limitation of a Pathname to a Restricted Directory (βPath Traversalβ) vulnerability in OpenText NetIQ Access Manager allows access the sensitive information.Β This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*"
],
"vendor": "netiq",
"product": "access_manager",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "5.0.4.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"lessThan": "5.1",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
39.2%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total