Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-5189
NetIQ iManager prior to 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing malicious users to extract and establish their own connections to the Sentinel appliance.
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 2.7.6
Netiq Imanager 2.7.5
Netiq Imanager 2.7.4
Netiq Imanager 2.7.3
Netiq Imanager 2.7.2
Netiq Imanager 2.7.1
Netiq Imanager 2.7
Netiq Imanager 2.7.7
Netiq Imanager 2.7.7.10
Netiq Imanager 3.0.2
5
CVSSv2
CVE-2017-7434
In the JDBC driver of NetIQ Identity Manager prior to 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.
Netiq Identity Manager
5
CVSSv2
CVE-2017-7428
NetIQ iManager 3.x prior to 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
5
CVSSv2
CVE-2017-5184
A vulnerability exists in NetIQ Sentinel Server 8.0 prior to 8.0.1 that may allow leakage of information (account enumeration).
Microfocus Sentinel
5
CVSSv2
CVE-2017-5185
A vulnerability exists in NetIQ Sentinel Server 8.0 prior to 8.0.1 that may allow remote denial of service.
Microfocus Sentinel
5
CVSSv2
CVE-2016-5752
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 prior to 4.1.2 HF1 and 4.2 prior to 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original request...
Netiq Access Manager 4.1
Netiq Access Manager 4.2
5
CVSSv2
CVE-2016-5754
Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 before SP2.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
4.6
CVSSv2
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
4.3
CVSSv2
CVE-2021-22531
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
Microfocus Access Manager 4.5
Microfocus Access Manager 5.0
4.3
CVSSv2
CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »