High severity7.5NVD Advisory· Published Mar 23, 2017· Updated Jun 17, 2026
CVE-2016-5752
CVE-2016-5752
Description
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:netiq:access_manager:4.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:netiq:access_manager:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:netiq:access_manager:4.2:sp1:*:*:*:*:*:*
- (no CPE)range: < 4.1.2 HF1, < 4.2.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.