Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq identity manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-9284
IDM 4.6 Identity Applications before 4.6.2.1 may expose sensitive information.
Netiq Identity Manager
4.3
CVSSv2
CVE-2015-0787
XSS in NetIQ Designer for Identity Manager prior to 4.5.3 allows remote malicious users to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.
Netiq Identity Manager
4.3
CVSSv2
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the...
Netiq Identity Manager
5
CVSSv2
CVE-2017-7434
In the JDBC driver of NetIQ Identity Manager prior to 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.
Netiq Identity Manager
6.4
CVSSv2
CVE-2017-7426
The NetIQ Identity Manager Plugins prior to 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by malicious users to leak information or cause denial of service attacks.
Netiq Identity Manager
4.3
CVSSv2
CVE-2016-1592
XSS in NetIQ Designer for Identity Manager prior to 4.5.3 allows remote malicious users to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.
Netiq Identity Manager
3.6
CVSSv2
CVE-2006-4506
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection.
Netiq Identity Manager 3.0.1
7.2
CVSSv2
CVE-2006-4803
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
Netiq Identity Manager 3.0.1
4.6
CVSSv2
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
2.1
CVSSv2
CVE-2007-4526
The Client Login Extension (CLE) in Novell Identity Manager prior to 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file.
Novell Client Login Extension \\(cle\\)
Netiq Identity Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »