Vulnerability Details : CVE-2016-5749
NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack.
Vulnerability category: XML external entity (XXE) injection
Exploit prediction scoring system (EPSS) score for CVE-2016-5749
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less