CVE-2020-11862 HIGH

CVE-2020-11862: Insecure renegotiation in SSL protocol caused Denial of service attack in Privileged Account Manager

Vendor Opentext
Product NetIQ Privileged Account Manager
Weakness CWE-770 · Uncontrolled resource consumption
Published March 13, 2024
Last update August 26, 2024

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account Manager: before 3.7.0.2.

Key dates

02Disclosure timeline

March 13, 2024 CVE published
August 26, 2024 Record updated