Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-9278
The NetIQ Identity Manager Oracle EBS driver prior to 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
Netiq Identity Manager
9
CVSSv2
CVE-2017-9279
NetIQ Identity Manager prior to 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.
Netiq Identity Manager
5
CVSSv2
CVE-2017-9280
Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.
Netiq Identity Manager
4.3
CVSSv2
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the...
Netiq Identity Manager
3.6
CVSSv2
CVE-2006-4506
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection.
Netiq Identity Manager 3.0.1
7.5
CVSSv2
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
4.6
CVSSv2
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
6.8
CVSSv2
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
4.3
CVSSv2
CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
5.8
CVSSv2
CVE-2022-26326
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »