CVE-2023-7240
Broken Access Control leading to SSRF in NetIQ Identity Console
An improper authorization level has been detected in the login panel. It may lead to
unauthenticated Server Side Request Forgery and allows to perform open services
enumeration. Server makes query to provided server (Server IP/DNS field) and is
triggering connection to arbitrary address.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Productos afectados
OpenText · NetIQ Identity Console¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →