CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-5190

NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.6%

CVSS Severity

CVSS v3 Score 3.1

CVSS v2 Score 3.5

References

http://www.securityfocus.com/bid/97965
http://www.securitytracker.com/id/1038338
https://www.novell.com/support/kb/doc.php?id=7018792
http://www.securityfocus.com/bid/97965
http://www.securitytracker.com/id/1038338
https://www.novell.com/support/kb/doc.php?id=7018792

Products affected by CVE-2017-5190

Netiq » Access Manager » Version: 4.1

cpe:2.3:a:netiq:access_manager:4.1
Netiq » Access Manager » Version: 4.2

cpe:2.3:a:netiq:access_manager:4.2
Netiq » Access Manager » Version: 4.3

cpe:2.3:a:netiq:access_manager:4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5190

Products

Pricing

Contact Us