Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x prior to 4.1 allows remote malicious users to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microfocus access manager 4.0.1 |
||
microfocus access manager 4.0 |