CVE-2023-7240
Broken Access Control leading to SSRF in NetIQ Identity Console
An improper authorization level has been detected in the login panel. It may lead to
unauthenticated Server Side Request Forgery and allows to perform open services
enumeration. Server makes query to provided server (Server IP/DNS field) and is
triggering connection to arbitrary address.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Produtos afetados
OpenText · NetIQ Identity ConsoleQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →