Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-11846

A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.

Published

2024-08-21T14:15:07.737

Last Modified

2024-08-23T17:03:39.093

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.7 (HIGH)

Weaknesses

Type: Secondary
CWE-269
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	microfocus	netiq_privileged_access_manager	< 3.7	Yes
Application	microfocus	netiq_privileged_access_manager	3.7	Yes

References

https://www.netiq.com/documentation/privileged-account-manager-37/npam_3701_releasenotes/data/npam_3701_releasenotes.html Release Notes ([email protected])