CVE-2018-7674 LOW

CVE-2018-7674: IDM URL Redirection attack

Vendor Netiq
Product Identity Manager
Published March 28, 2018
Last update August 5, 2024

CVSS base score

2.1/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.

Key dates

02Disclosure timeline

March 28, 2018 CVE published
August 5, 2024 Record updated