CVE-2023-7240
Broken Access Control leading to SSRF in NetIQ Identity Console
An improper authorization level has been detected in the login panel. It may lead to
unauthenticated Server Side Request Forgery and allows to perform open services
enumeration. Server makes query to provided server (Server IP/DNS field) and is
triggering connection to arbitrary address.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Affected products
OpenText · NetIQ Identity ConsoleWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →