Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Broken Access Control leading to SSRF in NetIQ Identity Console
Vulnerability Description
An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary address.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
NetIQ Identity Console 安全漏洞
Vulnerability Description
NetIQ Identity Console是NetIQ公司的一个身份管理平台。 NetIQ Identity Console 1.7 Service Pack 2之前版本存在安全漏洞,该漏洞源于在登录面板中检测到不正确的授权级别,这可能会导致未经身份验证的服务器端请求伪造并允许执行开放服务枚举。
CVSS Information
N/A
Vulnerability Type
N/A