Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq imanager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-7432
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a webshell upload vulnerability.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
9.8
CVSSv3
CVE-2016-5757
iManager Admin Console in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
8.8
CVSSv3
CVE-2018-1345
NetIQ iManager, versions before 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
Netiq Imanager
8.8
CVSSv3
CVE-2017-7429
The certificate upload in NetIQ eDirectory PKI plugin prior to 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated malicious users to execute JSP applets on the iManager server.
Netiq Edirectory 8.8.8
Microfocus Edirectory
8.8
CVSSv3
CVE-2017-7431
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have persistent CSRF in object management.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
8.8
CVSSv3
CVE-2016-5750
The certificate upload feature in iManager in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
8.6
CVSSv3
CVE-2018-1344
Addresses potential communication downgrade attack in NetIQ iManager versions before 3.1
Netiq Imanager
7.5
CVSSv3
CVE-2017-5189
NetIQ iManager prior to 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing malicious users to extract and establish their own connections to the Sentinel appliance.
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 2.7.6
Netiq Imanager 2.7.5
Netiq Imanager 2.7.4
Netiq Imanager 2.7.3
Netiq Imanager 2.7.2
Netiq Imanager 2.7.1
Netiq Imanager 2.7
Netiq Imanager 2.7.7
Netiq Imanager 2.7.7.10
Netiq Imanager 3.0.2
7.5
CVSSv3
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
6.1
CVSSv3
CVE-2022-38758
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows malicious user to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions before 3.2.6 on ALL.
Netiq Imanager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »