CVE-2022-26329

Summary

File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL.

Affected Software

VendorProductVersion RangeStatus
Micro FocusNetIQ Identity ManagerNetIQ Identity Manager < 4.8.5affected

Weaknesses

  • CWE-538: CWE-538 File and Directory Information Exposure

Workarounds

Update to the NetIQ Identity Manager 4.8.5 or above.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References