Filtered by vendor Netiq
Subscribe
Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1244 | 1 Netiq | 1 Pssecure | 2024-05-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that "neither NetIQ Security Manager nor our iSeries Security Solutions are vulnerable. | |||||
| CVE-2023-24468 | 1 Netiq | 1 Advanced Authentication | 2023-11-07 | N/A | 9.8 CRITICAL |
| Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | |||||
| CVE-2022-38758 | 1 Netiq | 1 Imanager | 2023-11-07 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL. | |||||
| CVE-2022-26329 | 1 Netiq | 1 Identity Manager | 2023-11-07 | N/A | 5.3 MEDIUM |
| File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL. | |||||
| CVE-2019-11648 | 1 Netiq | 1 Self Service Password Reset | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. | |||||
| CVE-2018-7678 | 1 Netiq | 1 Access Manager | 2023-11-07 | 3.5 LOW | 4.8 MEDIUM |
| A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | |||||
| CVE-2018-7677 | 1 Netiq | 1 Access Manager | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | |||||
| CVE-2018-7676 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | |||||
| CVE-2018-7674 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | |||||
| CVE-2018-7673 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | |||||
| CVE-2018-1350 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration. | |||||
| CVE-2018-1349 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration. | |||||
| CVE-2018-1348 | 1 Netiq | 1 Identity Manager | 2023-11-07 | 5.8 MEDIUM | 7.4 HIGH |
| NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack. | |||||
| CVE-2018-1347 | 1 Netiq | 1 Imanager | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. | |||||
| CVE-2018-1346 | 1 Netiq | 1 Edirectory | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Addresses denial of service attack to eDirectory versions prior to 9.1. | |||||
| CVE-2018-1345 | 1 Netiq | 1 Imanager | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. | |||||
| CVE-2018-1344 | 1 Netiq | 1 Imanager | 2023-11-07 | 5.0 MEDIUM | 8.6 HIGH |
| Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1 | |||||
| CVE-2018-1343 | 1 Netiq | 1 Privileged Account Manager | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| PAM exposure enabling unauthenticated access to remote host | |||||
| CVE-2018-1342 | 1 Netiq | 1 Access Manager | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console. | |||||
| CVE-2018-12462 | 1 Netiq | 1 Imanager | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. | |||||