CVE-2016-5749

Published: 2017-03-23T06:59Z

Last Modified: 2024-11-21T02:54Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt