Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 19 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20

Thu, 12 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Microfocus
Microfocus netiq Access Manager
Weaknesses CWE-79
CPEs cpe:2.3:a:microfocus:netiq_access_manager:*:*:*:*:*:*:*:*
Vendors & Products Microfocus
Microfocus netiq Access Manager

Wed, 28 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Netiq
Netiq access Manager
CPEs cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*
Vendors & Products Netiq
Netiq access Manager
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 28 Aug 2024 06:45:00 +0000

Type Values Removed Values Added
Description Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
Title Multiple xss vulnerability in NetIQ Access Manager
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: OpenText

Published:

Updated: 2024-09-19T17:32:19.052Z

Reserved: 2024-05-06T17:46:06.036Z

Link: CVE-2024-4554

cve-icon Vulnrichment

Updated: 2024-08-28T13:27:54.505Z

cve-icon NVD

Status : Modified

Published: 2024-08-28T07:15:09.330

Modified: 2024-09-19T18:15:10.433

Link: CVE-2024-4554

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.