CVE-2017-5190

Summary

NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.

Affected Software

VendorProductVersion RangeStatus
n/aNAM Identity Server and SAML2 Service ProviderNAM Identity Server and SAML2 Service Provideraffected

Weaknesses

  • Information leakage

ADP Enrichment

CVE Program Container

Additional References

References