Summary
NetIQ Access Manager suffers from cross site request forgery, external entity injection, information disclosure, and cross site scripting vulnerabilities.
Solution
Update to 4.0 SP1 Hot Fix 3 or higher
Insight
An attacker without an account on the NetIQ Access Manager is be able to gain administrative access by combining different attack vectors. Though this host may not always be accessible from a public network, an attacker is still able to compromise the system when directly targeting administrative users.
Because the NetIQ Access Manager is used for authentication, an attacker compromising the system can use it to gain access to other systems.
Affected
NetIQ Access Manager version 4.0 SP1
Detection
Send a special crafted HTTP GET request and check the response.
References
Severity
Classification
-
CVE CVE-2014-5214, CVE-2014-5215, CVE-2014-5216, CVE-2014-5217 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- Apache Tomcat Directory Listing and File disclosure
- Apache Archiva Cross Site Request Forgery Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability