First published: Thu Mar 23 2017(Updated: )
External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local files to logged-in users.
Credit: meissner@suse.de
Affected Software | Affected Version | How to fix |
---|---|---|
NetIQ Access Manager | =4.1 | |
NetIQ Access Manager | =4.1-sp1 | |
NetIQ Access Manager | =4.1-sp2 | |
NetIQ Access Manager | =4.2 | |
NetIQ Access Manager | =4.2-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.