Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23949
An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4.1
Broadcom Symantec Identity Governance And Administration 14.4.2
Broadcom Symantec Identity Manager 14.4
Broadcom Symantec Identity Manager 14.3
NA
CVE-2023-23950
User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4.1
Broadcom Symantec Identity Governance And Administration 14.4.2
Broadcom Symantec Identity Manager 14.4
Broadcom Symantec Identity Manager 14.3
NA
CVE-2023-23951
Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4.1
Broadcom Symantec Identity Governance And Administration 14.4.2
Broadcom Symantec Identity Manager 14.4
Broadcom Symantec Identity Manager 14.3
NA
CVE-2022-26329
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows malicious user to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions before 4.8.5 on ALL.
Netiq Identity Manager
NA
CVE-2022-22462
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 225078.
Ibm Security Verify Governance 10.0.1
NA
CVE-2022-22449
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224...
Ibm Security Verify Governance 10.0.1
NA
CVE-2022-22456
IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
Ibm Security Verify Governance 10.0.1
NA
CVE-2022-22457
IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.
Ibm Security Verify Governance 10.0.1
NA
CVE-2022-22458
IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009.
Ibm Security Verify Governance 10.0.1
NA
CVE-2022-35646
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.
Ibm Security Verify Governance 10.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »