CVE-2020-11849
CRITICALMicro Focus Identity Manager <4.7.3, 4.8.1 - Privilege Escalation
Title source: llmDescription
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html
Various Sources x_refsource_misc
https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html
Scores
CVSS v3
9.8
EPSS
0.0052
EPSS Percentile
66.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (3)
microfocus/identity_manager
4.7.4
microfocus/identity_manager
4.8.1
microfocus/identity_manager
< 4.7.3
Published
Jul 08, 2020
Tracked Since
Feb 18, 2026