Upstream information

CVE-2016-5749 at MITRE

Description

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack.

SUSE information

Overall state of this security issue: Does not affect SUSE products

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

  • TID7017806, published Sa 3. Mär 12:02:47 CET 2018


SUSE Timeline for this CVE

CVE page created: Thu Mar 23 09:47:11 2017
CVE page last modified: Tue Jul 1 12:28:36 2025