Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq access manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
9.8
CVSSv3
CVE-2018-1342
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2017-14803
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2016-5757
iManager Admin Console in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
8.8
CVSSv3
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
8.8
CVSSv3
CVE-2016-5750
The certificate upload feature in iManager in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
8.8
CVSSv3
CVE-2016-5758
A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 could be circumvented by repeated uploads causing a high load.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
7.5
CVSSv3
CVE-2021-22527
Information leakage vulnerability in NetIQ Access Manager before 5.0.1 and 4.5.4
Microfocus Access Manager
7.5
CVSSv3
CVE-2016-5752
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 prior to 4.1.2 HF1 and 4.2 prior to 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original request...
Netiq Access Manager 4.1
Netiq Access Manager 4.2
7.5
CVSSv3
CVE-2016-5754
Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 before SP2.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »