Unrated severity · NVD Advisory · Published Aug 21, 2024 · Updated Aug 21, 2024

Improper handling of token allows access to restricted resource in Privileged Access Manager

CVE-2020-11846

Description

A vulnerability was found in OpenText Privileged Access Manager, which issues a token. On successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

OpenText Privileged Access Manager before 3.7.0.1 sets a cookie on token issuance that allows unrestricted access to all application resources.

Vulnerability

A vulnerability in OpenText Privileged Access Manager (formerly NetIQ Privileged Account Manager) before version 3.7.0.1 [1] allows unrestricted access to all application resources after a token is issued. The issue occurs because a cookie is set upon successful token issuance that does not properly restrict access, enabling any user with the cookie to access resources without further authorization.

Exploitation

An attacker who can obtain a valid token (and the associated cookie) from the application — for example, by authenticating legitimately or intercepting a token issuance — can then use that cookie to access any application resource. No additional authentication or authorization checks are performed for subsequent requests.

Impact

Successful exploitation allows an attacker with a valid token cookie to access all application resources without restriction. This can lead to unauthorized access to sensitive data, administrative functions, and other protected areas of the application, resulting in a complete compromise of confidentiality, integrity, and availability of the affected system.

Mitigation

The vulnerability is fixed in Privileged Access Manager version 3.7.0.1, released in June 2020 [1]. Users should upgrade to this patched version immediately. No workarounds have been publicly disclosed in the available references.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
