Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
Max CVSS
9.8
EPSS Score
0.20%
Published
2023-03-15
Updated
2023-03-19
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
Max CVSS
7.2
EPSS Score
0.06%
Published
2023-01-26
Updated
2023-02-01
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL.
Max CVSS
5.3
EPSS Score
0.06%
Published
2023-01-26
Updated
2023-02-01
Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account Manager: before 3.7.0.2.
Max CVSS
8.6
EPSS Score
0.04%
Published
2024-03-13
Updated
2024-03-14
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
Max CVSS
7.5
EPSS Score
0.17%
Published
2019-06-24
Updated
2019-06-24
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-07-10
Updated
2019-10-09
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
Max CVSS
7.5
EPSS Score
0.08%
Published
2018-07-10
Updated
2019-10-09
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4.
Max CVSS
4.8
EPSS Score
0.05%
Published
2018-03-14
Updated
2019-10-09
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Max CVSS
8.8
EPSS Score
0.07%
Published
2018-03-14
Updated
2019-10-09
The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information.
Max CVSS
5.9
EPSS Score
0.17%
Published
2018-03-28
Updated
2019-10-09
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-03-28
Updated
2019-10-09
The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.
Max CVSS
7.5
EPSS Score
0.13%
Published
2018-03-26
Updated
2019-10-09
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration.
Max CVSS
5.3
EPSS Score
0.09%
Published
2018-03-26
Updated
2019-10-09
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration.
Max CVSS
5.3
EPSS Score
0.09%
Published
2018-03-26
Updated
2019-10-09
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
Max CVSS
7.4
EPSS Score
0.13%
Published
2018-03-26
Updated
2019-10-09
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-03-21
Updated
2019-10-09
Addresses denial of service attack to eDirectory versions prior to 9.1.
Max CVSS
7.5
EPSS Score
0.13%
Published
2018-03-21
Updated
2019-10-09
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
Max CVSS
8.8
EPSS Score
0.10%
Published
2018-03-21
Updated
2019-10-09
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
Max CVSS
8.6
EPSS Score
0.09%
Published
2018-03-21
Updated
2019-10-09
PAM exposure enabling unauthenticated access to remote host
Max CVSS
9.8
EPSS Score
0.32%
Published
2018-03-06
Updated
2018-03-29
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
Max CVSS
9.8
EPSS Score
0.48%
Published
2018-01-26
Updated
2018-02-13
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
Max CVSS
10.0
EPSS Score
61.59%
Published
2018-01-20
Updated
2019-10-03
Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites.
Max CVSS
6.1
EPSS Score
0.13%
Published
2018-03-02
Updated
2019-10-09
Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-03-02
Updated
2019-10-09
A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-03-01
Updated
2019-10-09
68 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!