Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-7676
The NetIQ Identity Manager, in versions before 4.7, userapp with log / trace enabled may leak sensitive information.
Netiq Identity Manager
6.4
CVSSv2
CVE-2017-7426
The NetIQ Identity Manager Plugins prior to 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by malicious users to leak information or cause denial of service attacks.
Netiq Identity Manager
4.3
CVSSv2
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the...
Netiq Identity Manager
NA
CVE-2023-24468
Broken access control in Advanced Authentication versions before 6.4.1.1 and 6.3.7.2
Netiq Advanced Authentication
7.2
CVSSv2
CVE-2006-4803
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
Netiq Identity Manager 3.0.1
4.6
CVSSv2
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
4.3
CVSSv2
CVE-2019-11650
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions before 6.0.
Microfocus Netiq Advanced Authentication
6.8
CVSSv2
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
Netiq Access Manager 4.4
7.5
CVSSv2
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
4.3
CVSSv2
CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager before 5.0.2
Microfocus Netiq Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »