{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T22:34:43.593","vulnerabilities":[{"cve":{"id":"CVE-2017-9280","sourceIdentifier":"security@opentext.com","published":"2018-03-02T20:29:00.957","lastModified":"2024-11-21T03:35:44.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar."},{"lang":"es","value":"Algunas versiones de NetIQ Identity Manager Applications anteriores a la Identity Manager 4.5.6.1 incluían el token de sesión en las URL GET. Esto podría permitir se expongan sesiones de usuario a terceros mediante proxies, url de referencia o similares."}],"metrics":{"cvssMetricV30":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-598"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netiq:identity_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"4.5.6.1","matchCriteriaId":"B66D9825-C8A9-45E2-B932-BA2444FCA62E"}]}]}],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1049143","source":"security@opentext.com"},{"url":"https://download.novell.com/Download?buildid=K7lbPAGJyIk~","source":"security@opentext.com"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1049143","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://download.novell.com/Download?buildid=K7lbPAGJyIk~","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}