Filtered by vendor Netiq
Subscriptions
Total
73 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7431 | 2 Netiq, Novell | 2 Imanager, Imanager | 2025-04-20 | N/A |
| Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. | ||||
| CVE-2017-7432 | 2 Netiq, Novell | 2 Imanager, Imanager | 2025-04-20 | N/A |
| Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. | ||||
| CVE-2017-5191 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 and 4.3 exists because Access Gateway Error pages do not validate the HTTP Referer header. | ||||
| CVE-2017-5190 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile. | ||||
| CVE-2017-5186 | 2 Netiq, Novell | 4 Edirectory, Imanager, Edirectory and 1 more | 2025-04-20 | N/A |
| Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate. | ||||
| CVE-2017-5183 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document. | ||||
| CVE-2016-1605 | 1 Netiq | 1 Sentinel | 2025-04-12 | N/A |
| Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field. | ||||
| CVE-2014-4509 | 1 Netiq | 1 Identity Manager | 2025-04-12 | N/A |
| The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | ||||
| CVE-2016-1592 | 1 Netiq | 1 Identity Manager | 2025-04-12 | N/A |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI. | ||||
| CVE-2015-0787 | 1 Netiq | 1 Identity Manager | 2025-04-12 | N/A |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. | ||||
| CVE-2022-26329 | 1 Netiq | 1 Identity Manager | 2025-04-01 | 1.8 Low |
| File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL. | ||||
| CVE-2022-38758 | 1 Netiq | 1 Imanager | 2025-03-27 | 7.2 High |
| Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL. | ||||
| CVE-2024-1470 | 1 Netiq | 1 Client Login Extension | 2025-02-14 | 7.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6. | ||||
| CVE-2020-11843 | 1 Netiq | 1 Access Manager | 2024-11-21 | 6.5 Medium |
| This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before | ||||
| CVE-2019-11648 | 1 Netiq | 1 Self Service Password Reset | 2024-11-21 | N/A |
| An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. | ||||
| CVE-2018-7678 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | ||||
| CVE-2018-7677 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | ||||
| CVE-2018-7676 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | ||||
| CVE-2018-7674 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | ||||
| CVE-2018-7673 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | ||||