216.73.216.133

CVE-2020-11846

· Published 21/08/2024 14:15 · Modified 23/08/2024 17:03

Labels: CVE-2020-11846 2024-08-21CVE-2020-11846CWE-269NVD-CWE-noinfo[email protected]

Essential information

Published
21/08/2024 14:15
Modified
23/08/2024 17:03
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
microfocus / netiq privileged access manager cpe:2.3:a:microfocus:netiq_privileged_access_manager:*:*:*:*:*:*:*:*
microfocus / netiq privileged access manager cpe:2.3:a:microfocus:netiq_privileged_access_manager:3.7:-:*:*:*:*:*:*

References