CVE-2019-11648
HIGHMicro Focus NetIQ Self Service Password Reset <4.4 - Info Disclosure
Title source: llmDescription
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html
Scores
CVSS v3
7.5
EPSS
0.0111
EPSS Percentile
61.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
netiq/self_service_password_reset
< 4.4
Published
Jun 24, 2019
Tracked Since
Feb 18, 2026