Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq access manager vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
6.1
CVSSv3
CVE-2017-7419
A OAuth application in NetIQ Access Manager 4.3 prior to 4.3.2 and 4.2 prior to 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-14801
Reflected XSS in the NetIQ Access Manager prior to 4.3.3 allowed malicious users to reflect back xss into the called page using the url parameter.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-14802
Novell Access Manager Admin Console and IDP servers prior to 4.3.3 have a URL that could be used by remote malicious users to trigger unvalidated redirects to third party sites.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-9276
Novell Access Manager iManager prior to 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-14799
A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager prior to 4.3.3 could be used to inject javascript code into the login page.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-14800
A reflected cross site scripting attack in the NetIQ Access Manager prior to 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
Netiq Access Manager
9.8
CVSSv3
CVE-2018-1342
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2017-14803
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »