Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-14802
Novell Access Manager Admin Console and IDP servers prior to 4.3.3 have a URL that could be used by remote malicious users to trigger unvalidated redirects to third party sites.
Netiq Access Manager
9.8
CVSSv3
CVE-2017-9278
The NetIQ Identity Manager Oracle EBS driver prior to 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
Netiq Identity Manager
6.1
CVSSv3
CVE-2016-1592
XSS in NetIQ Designer for Identity Manager prior to 4.5.3 allows remote malicious users to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.
Netiq Identity Manager
6.1
CVSSv3
CVE-2018-12462
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Netiq Imanager 3.1.1
6.1
CVSSv3
CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
6.1
CVSSv3
CVE-2022-26326
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
NA
CVE-2006-4803
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
Netiq Identity Manager 3.0.1
5.9
CVSSv3
CVE-2019-11650
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions before 6.0.
Microfocus Netiq Advanced Authentication
8.8
CVSSv3
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
NA
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »