CVE-2017-5190
NONE3.1CVSS v3
3.5CVSS v2
0.24%
EPSS (exploit probability)
CWE-200CWE
Description
NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.
CVSS v3 vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch? |
|---|---|---|---|---|---|
| Ubiquiti | Ubiquiti EdgeRouter 4 | — |
— | — | No |