Security Vulnerability: eDirectory Authorization Mechanism Bypass

  • Document ID:7011538
  • Creation Date:18-Dec-2012
  • Modified Date:27-Jan-2014
    • Micro Focus Products:
      eDirectory

Environment


NetIQ eDirectory 8.8.6.X on Windows
NetIQ eDirectory 8.8.7.X on Windows

Situation

An attacker may obtain administrator cookie via a specially crafted program.

Resolution

To resolve this vulnerability, please install eDirectory 8.8.7.2 or newer for eDirectory 8.8.7.x and eDirectory 8.8.6.x  available at https://dl.netiq.com

Status

Security Alert

Additional Information

This vulnerability was reported by specialists of Positive Research, the Positive Technologies company research center.

CVE-2012-0430