Filtered by vendor Netiq
Subscriptions
Filtered by product Access Manager
Subscriptions
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-5751 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
An unfiltered finalizer target URL in the SAML processing feature in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 could be used to trigger XSS and leak authentication credentials. | ||||
CVE-2016-5750 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users. | ||||
CVE-2016-5749 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack. | ||||
CVE-2016-5748 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local files to logged-in users. | ||||
CVE-2024-4554 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-19 | 7.3 High |
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. | ||||
CVE-2024-4555 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-12 | 7.7 High |
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | ||||
CVE-2024-4556 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-12 | 5.7 Medium |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. |