CVE-2017-14803

Summary

In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.

Affected Software

VendorProductVersion RangeStatus
Micro FocusNetIQ Access Manager4.3affected
Micro FocusNetIQ Access Manager4.4affected

Weaknesses

  • Directory Traversal Information Disclosure Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References