Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-24468
Broken access control in Advanced Authentication versions before 6.4.1.1 and 6.3.7.2
Netiq Advanced Authentication
9.8
CVSSv3
CVE-2020-25839
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
Microfocus Identity Manager 4.8
9.8
CVSSv3
CVE-2019-11652
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.
Microfocus Netiq Self Service Password Reset
9.8
CVSSv3
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
9.8
CVSSv3
CVE-2017-9285
NetIQ eDirectory prior to 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
Netiq Edirectory 9.0
Microfocus Edirectory
9.8
CVSSv3
CVE-2017-9278
The NetIQ Identity Manager Oracle EBS driver prior to 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
Netiq Identity Manager
9.8
CVSSv3
CVE-2017-7434
In the JDBC driver of NetIQ Identity Manager prior to 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.
Netiq Identity Manager
9.8
CVSSv3
CVE-2018-1342
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2017-14803
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
9.8
CVSSv3
CVE-2017-7432
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a webshell upload vulnerability.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »