PT-2018-8501 · Netiq · Netiq Identity Manager
Published: 2018-03-02 · Updated: 2019-10-09
CVE-2017-9279
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
NetIQ Identity Manager versions prior to 4.5.6.1
Description
The issue allows malicious user administrators to upload files with double extensions or non-image content in the Themes handling of the User Application Administration. This could potentially lead to code execution or misleading users.
Recommendations
For versions prior to 4.5.6.1, update to version 4.5.6.1 or later to resolve the issue. As a temporary workaround, consider restricting file uploads in the User Application Administration to minimize the risk of exploitation.
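The two conditions named in the description (double extensions and non-image content) can be checked server-side before a theme file is stored. The following is an added illustration, not NetIQ's code or the vendor's fix; the function name, the image allowlist and the sample inputs are assumptions.

```python
import os

# Assumed allowlist for theme images; values are the standard file signatures.
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

def check_theme_upload(filename: str, data: bytes) -> list[str]:
    """Return the reasons to reject an upload; an empty list means accept."""
    reasons = []
    # The name must be a bare file name, not a path.
    if filename != os.path.basename(filename) or "\\" in filename or "\x00" in filename:
        reasons.append("path separator or NUL in name")
    stem, dot, ext = filename.rpartition(".")
    ext = ext.lower()
    if not dot or not stem:
        reasons.append("missing name or extension")
    elif "." in stem:
        # Catches logo.jsp.png as well as logo.png.jsp and a trailing dot.
        reasons.append("multiple extensions")
    if ext not in MAGIC:
        reasons.append("extension not in image allowlist")
    elif not data.startswith(MAGIC[ext]):
        # The declared type and the leading bytes must agree.
        reasons.append("content does not match declared image type")
    return reasons

if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8   # constructed sample bytes
    samples = [                                  # constructed sample uploads
        ("logo.png", png),
        ("logo.jsp.png", png),
        ("logo.png", b"<html>not an image</html>"),
        ("logo.png.jsp", png),
    ]
    for name, body in samples:
        print(name, "->", check_theme_upload(name, body) or "accept")
```

A signature check only confirms the leading bytes, so it is best combined with storing uploads under a server-generated name in a location the application server does not execute from.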
Fix
RCE
Unrestricted File Upload
Related Identifiers
Affected Products
Netiq Identity Manager