PT-2018-8504 · Netiq · Netiq Edirectory
Published
2018-03-02
·
Updated
2021-04-13
·
CVE-2017-9285
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NetIQ eDirectory versions prior to 9.0 SP4
Description
The issue allows unpermitted access to eDirectory services due to a lack of login restriction enforcement when using
ebaclient.Recommendations
For versions prior to 9.0 SP4, update to version 9.0 SP4 or later to resolve the issue.
Fix
Improper Access Control
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Netiq Edirectory