NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
Access Manager
NVD
CVSS 3.0
3.1
EPSS
0.2%