Vulnerability Details : CVE-2020-11843
This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before
Products affected by CVE-2020-11843
- cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:-:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:hotfix1:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:sp1:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:sp2:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:sp3:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.4:sp4:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.5:-:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.5:sp2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11843
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11843
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
NIST | 2024-08-23 |
|
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
OpenText | 2024-06-11 |
CWE ids for CVE-2020-11843
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: security@opentext.com (Secondary)
References for CVE-2020-11843
-
https://www.netiq.com/documentation/access-manager-44/accessmanager444-hf3-release-notes/data/accessmanager444-hf3-release-notes.html
Access Manager 4.4 Service Pack 4 Hotfix 3 Release NotesRelease Notes
-
https://www.netiq.com/documentation/access-manager-45/accessmanager452-hf1-release-notes/data/accessmanager452-hf1-release-notes.html
Access Manager 4.5 Service Pack 2 Hotfix 1 Release NotesRelease Notes
Jump to