CVE-2017-7426: iManager - XML External Entity vulnerabilities
First published: Thu Mar 01 2018(Updated: )
The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetIQ Identity Manager | <4.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7426?
CVE-2017-7426 has a severity score of 9.1, indicating it is critical.
How do I fix CVE-2017-7426?
To fix CVE-2017-7426, upgrade to NetIQ Identity Manager version 4.6.1 or later.
What are the potential impacts of CVE-2017-7426?
CVE-2017-7426 can lead to information leakage or denial of service attacks.
Which versions of NetIQ Identity Manager are affected by CVE-2017-7426?
CVE-2017-7426 affects all versions of NetIQ Identity Manager before 4.6.1.
What is the nature of the vulnerability in CVE-2017-7426?
CVE-2017-7426 is related to XML External Entity (XXE) handling flaws.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/tags
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- vendor/netiq
- canonical/netiq identity manager