Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

netiq edirectory vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq EdirectoryMicrofocus Netiq Edirectory 9.0
5
CVSSv2
CVE-2018-7686
Information leakage vulnerability in NetIQ eDirectory prior to 9.1.1 HF1 due to shared memory usage.
Microfocus Edirectory
5.8
CVSSv2
CVE-2018-7692
Unvalidated redirect vulnerability in in NetIQ eDirectory prior to 9.1.1 HF1.
Microfocus Edirectory
5
CVSSv2
CVE-2018-12461
Fixed issues with NetIQ eDirectory before 9.1.1 when checking certificate revocation.
Netiq Edirectory 9.1.1
5
CVSSv2
CVE-2018-1346
Addresses denial of service attack to eDirectory versions before 9.1.
Netiq Edirectory
7.5
CVSSv2
CVE-2017-9285
NetIQ eDirectory prior to 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
Netiq Edirectory 9.0Microfocus Edirectory
6.5
CVSSv2
CVE-2017-7429
The certificate upload in NetIQ eDirectory PKI plugin prior to 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated malicious users to execute JSP applets on the iManager server.
Netiq Edirectory 8.8.8Microfocus Edirectory
4.3
CVSSv2
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0Netiq Imanager 3.0.1Novell ImanagerNetiq Imanager 3.0Netiq Edirectory 9.0.2Netiq Edirectory 9.0.1Netiq Imanager 3.0.2Novell Edirectory
4.3
CVSSv2
CVE-2014-5212
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote malicious users to inject arbitrary web script or HTML via the rdn parameter.
Novell Edirectory
4
CVSSv2
CVE-2014-5213
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
Novell Edirectory
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook