Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-9276
Novell Access Manager iManager prior to 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
Netiq Access Manager
5
CVSSv2
CVE-2017-9278
The NetIQ Identity Manager Oracle EBS driver prior to 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
Netiq Identity Manager
5
CVSSv2
CVE-2017-9280
Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.
Netiq Identity Manager
5
CVSSv2
CVE-2017-9284
IDM 4.6 Identity Applications before 4.6.2.1 may expose sensitive information.
Netiq Identity Manager
4.6
CVSSv2
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
7.2
CVSSv2
CVE-2006-4803
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
Netiq Identity Manager 3.0.1
6.8
CVSSv2
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
3.6
CVSSv2
CVE-2006-4506
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection.
Netiq Identity Manager 3.0.1
4.3
CVSSv2
CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
5.8
CVSSv2
CVE-2022-26326
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »