Security Vulnerability: eDirectory Authorization Mechanism Bypass

  • 7011538
  • 18-Dec-2012
  • 27-Jan-2014

Environment


NetIQ eDirectory 8.8.6.X on Windows
NetIQ eDirectory 8.8.7.X on Windows

Situation

An attacker may obtain administrator cookie via a specially crafted program.

Resolution

To resolve this vulnerability, please install eDirectory 8.8.7.2 or newer for eDirectory 8.8.7.x and eDirectory 8.8.6.x  available at https://dl.netiq.com

Status

Security Alert

Additional Information

This vulnerability was reported by specialists of Positive Research, the Positive Technologies company research center.

CVE-2012-0430

Feedback service temporarily unavailable. For content questions or problems, please contact Support.