CVE-2024-4555

Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario.This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.7 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
OpenTextCNA
7.7 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
microfocusnetiq_access_manager
𝑥
< 5.0.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager504-p1-release-notes/accessmanager504-p1-release-notes.html
https://www.microfocus.com/documentation/access-manager/5.1/accessmanager51-release-notes/accessmanager51-release-notes.html