Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2018-7674
The NetIQ Identity Manager user console, in versions before 4.7, is susceptible to URL redirection.
Netiq Identity Manager
7.5
CVSSv2
CVE-2005-1244
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote malicious users to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has dispu...
Netiq Pssecure 7.5
5.8
CVSSv2
CVE-2018-1348
NetIQ Identity Manager driver, in versions before 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
Netiq Identity Manager
5
CVSSv2
CVE-2018-1349
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system or configuration enumeration.
Netiq Identity Manager
5
CVSSv2
CVE-2018-1350
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system enumeration.
Netiq Identity Manager
3.5
CVSSv2
CVE-2017-5190
NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile.
Netiq Access Manager
NA
CVE-2022-26329
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows malicious user to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions before 4.8.5 on ALL.
Netiq Identity Manager
4.3
CVSSv2
CVE-2017-7419
A OAuth application in NetIQ Access Manager 4.3 prior to 4.3.2 and 4.2 prior to 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.
Netiq Access Manager
6.4
CVSSv2
CVE-2017-7426
The NetIQ Identity Manager Plugins prior to 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by malicious users to leak information or cause denial of service attacks.
Netiq Identity Manager
4.3
CVSSv2
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the...
Netiq Identity Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »