CVE-2022-26329 LOW

CVE-2022-26329: File existence disclosue vulnerability in IDM plugin

Vendor Micro Focus

Product NetIQ Identity Manager

Weakness CWE-538

Published January 24, 2023

Last update April 1, 2025

View on NVD All CVEs

CVSS base score

1.8/10

Attack vector Adjacent

Attack complexity High

Privileges required High

User interaction Required

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL.

Key dates

02Disclosure timeline

January 24, 2023 CVE published

April 1, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-26329 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/538.html

Related vulnerabilities

Identifiers

CVE CVE-2022-26329

CWE CWE-538

CVSS 1.8 / LOW

Affected versions