CVE-2016-5752
N/A
N/A
Summary
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | NetIQ Access Manager | NetIQ Access Manager | affected |
Weaknesses
- handling unsigned SAML requests incorrectly
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.