NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.
CPE | Name | Operator | Version |
---|---|---|---|
access_manager | le | 4.2 | |
access_manager | le | 4.3 |