PT-2018-8374 · Netiq · Netiq Access Manager

Publicado

2018-03-02

Atualizado

2019-10-09

CVE-2017-7419

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions NetIQ Access Manager versions 4.2 through 4.2.3 NetIQ Access Manager versions 4.3 through 4.3.1

Description The issue allows cross-site scripting attacks due to an unescaped description field that could be specified by the provider.

Recommendations For NetIQ Access Manager versions 4.2 through 4.2.3, update to version 4.2.4 to resolve the issue. For NetIQ Access Manager versions 4.3 through 4.3.1, update to version 4.3.2 to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2017-7419

Produtos afetados

Netiq Access Manager

PT-2018-8374 · Netiq · Netiq Access Manager

CVE-2017-7419

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4