CVE-2020-11862

8.6 HIGH

📋 TL;DR

This vulnerability in OpenText NetIQ Privileged Account Manager allows attackers to flood the system with requests, causing resource exhaustion and potential denial of service. It affects all NetIQ PAM installations on Linux, Windows, and 64-bit systems before version 3.7.0.2.

💻 Affected Systems

Products:
  • OpenText NetIQ Privileged Account Manager
Versions: All versions before 3.7.0.2
Operating Systems: Linux, Windows, 64-bit systems
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable; no special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability due to resource exhaustion, preventing legitimate users from accessing privileged account management functions and potentially disrupting dependent systems.

🟠

Likely Case

Degraded performance or temporary service disruption affecting privileged account management operations, potentially impacting security workflows.

🟢

If Mitigated

Minimal impact with proper network segmentation and rate limiting in place, though some performance degradation may still occur during attacks.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Resource flooding attacks are generally simple to execute and require minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.7.0.2

Vendor Advisory: https://www.netiq.com/documentation/privileged-account-manager-37/npam_3702_releasenotes/data/npam_3702_releasenotes.html

Restart Required: Yes

Instructions:

1. Download NetIQ PAM 3.7.0.2 from official sources.
2. Back up the current configuration.
3. Apply the update following vendor documentation.
4. Restart the PAM service.
5. Verify functionality.

🔧 Temporary Workarounds

Network Rate Limiting (all)

Implement network-level rate limiting to restrict request frequency to PAM services.

Network Segmentation (all)

Restrict network access to PAM systems to only trusted administrative networks.

🧯 If You Can't Patch

  • Implement strict network access controls and firewall rules to limit who can reach the PAM system
  • Deploy network-based DDoS protection or WAF with rate limiting capabilities

🔍 How to Verify

Check if Vulnerable:

Check the installed version of NetIQ PAM via administrative console or system information

Check Version:

Check via PAM administrative interface or consult system documentation for version query commands

Verify Fix Applied:

Verify version is 3.7.0.2 or later and test system responsiveness under load

📡 Detection & Monitoring

Log Indicators:

  • Unusually high request volumes
  • Resource exhaustion warnings
  • Performance degradation alerts

Network Indicators:

  • High volume of requests from single or few sources
  • Abnormal traffic patterns to PAM ports

SIEM Query:

source="pam_logs" AND (message="resource exhaustion" OR message="high load" OR message="connection flood")

🔗 References