Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-5189
NetIQ iManager prior to 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing malicious users to extract and establish their own connections to the Sentinel appliance.
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 2.7.6
Netiq Imanager 2.7.5
Netiq Imanager 2.7.4
Netiq Imanager 2.7.3
Netiq Imanager 2.7.2
Netiq Imanager 2.7.1
Netiq Imanager 2.7
Netiq Imanager 2.7.7
Netiq Imanager 2.7.7.10
Netiq Imanager 3.0.2
5.3
CVSSv3
CVE-2017-7428
NetIQ iManager 3.x prior to 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
6.1
CVSSv3
CVE-2017-7430
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a persistent XSS vulnerability in Framework.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
8.8
CVSSv3
CVE-2017-7431
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have persistent CSRF in object management.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
9.8
CVSSv3
CVE-2017-7432
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a webshell upload vulnerability.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
7.5
CVSSv3
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
8.8
CVSSv3
CVE-2016-1597
A logged-in user in NetIQ Access Governance Suite 6.0 up to and including 6.4 could escalate privileges to administrator.
Netiq Access Governance Suite 6.0
Netiq Access Governance Suite 6.2
Netiq Access Governance Suite 6.4
Netiq Access Governance Suite 6.3
Netiq Access Governance Suite 6.1
6.1
CVSSv3
CVE-2017-5183
NetIQ Access Manager 4.2.2 and 4.3.x prior to 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document.
Netiq Access Manager 4.3
Netiq Access Manager 4.3.1
Netiq Access Manager 4.2.2
6.1
CVSSv3
CVE-2017-7425
Multiple potential reflected XSS issues exist in NetIQ iManager versions prior to 2.7.7 Patch 10 HF2 and 3.0.3.2.
Netiq Imanager 3.0.3.2
Netiq Imanager
6.5
CVSSv3
CVE-2016-1605
Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x prior to 7.4.2 allows remote malicious users to read arbitrary files via a PREVIEW value for the fileType field.
Netiq Sentinel 7.4
Netiq Sentinel 7.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »