← back
CVE-2024-4555

User impersonation with MFA when configure in specific way

CVSS 7.7 HIGHEPSS 0.3%CWE-266
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Affected products
OpenText · NetIQ Access Manager

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager504-p1-release-notes/accessmanager504-p1-release-notes.htmlhttps://www.microfocus.com/documentation/access-manager/5.1/accessmanager51-release-notes/accessmanager51-release-notes.html