Concurrency Issue in NetIQ Access Manager 4.2 and 4.3 Allows Information Leakage

Concurrency Issue in NetIQ Access Manager 4.2 and 4.3 Allows Information Leakage

CVE-2017-5190 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.

Learn more about our Cis Benchmark Audit For Server Software.