Filtered by vendor Netiq
Subscribe
Total
70 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1592 | 1 Netiq | 1 Identity Manager | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI. | |||||
| CVE-2014-4509 | 1 Netiq | 1 Identity Manager | 2025-04-12 | 4.6 MEDIUM | N/A |
| The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | |||||
| CVE-2015-0787 | 1 Netiq | 1 Identity Manager | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. | |||||
| CVE-2016-1605 | 1 Netiq | 1 Sentinel | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field. | |||||
| CVE-2007-4526 | 2 Netiq, Novell | 2 Identity Manager, Client Login Extension \(cle\) | 2025-04-09 | 2.1 LOW | N/A |
| The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | |||||
| CVE-2005-1244 | 1 Netiq | 1 Pssecure | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that "neither NetIQ Security Manager nor our iSeries Security Solutions are vulnerable. | |||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2025-04-03 | 3.6 LOW | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | |||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2025-04-03 | 7.2 HIGH | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | |||||
| CVE-2024-1470 | 1 Netiq | 1 Client Login Extension | 2025-02-14 | N/A | 7.1 HIGH |
| Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6. | |||||
| CVE-2022-38758 | 1 Netiq | 1 Imanager | 2024-11-21 | N/A | 7.2 HIGH |
| Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL. | |||||
| CVE-2022-26329 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A | 1.8 LOW |
| File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL. | |||||
| CVE-2020-11843 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before | |||||
| CVE-2019-11648 | 1 Netiq | 1 Self Service Password Reset | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. | |||||
| CVE-2018-7678 | 1 Netiq | 1 Access Manager | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | |||||
| CVE-2018-7677 | 1 Netiq | 1 Access Manager | 2024-11-21 | 6.8 MEDIUM | 3.5 LOW |
| A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | |||||
| CVE-2018-7676 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 4.3 MEDIUM | 3.9 LOW |
| The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | |||||
| CVE-2018-7674 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 5.8 MEDIUM | 2.1 LOW |
| The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | |||||
| CVE-2018-7673 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 5.0 MEDIUM | 5.1 MEDIUM |
| The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | |||||
| CVE-2018-1350 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 5.0 MEDIUM | 2.3 LOW |
| The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration. | |||||
| CVE-2018-1349 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 5.0 MEDIUM | 2.3 LOW |
| The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration. | |||||