Filtered by vendor Netiq
Subscriptions
Total
72 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1597 | 1 Netiq | 1 Access Governance Suite | 2024-11-21 | N/A |
| A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. | ||||
| CVE-2016-1592 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI. | ||||
| CVE-2015-0787 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. | ||||
| CVE-2014-4509 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | ||||
| CVE-2007-4526 | 2 Netiq, Novell | 2 Identity Manager, Client Login Extension \(cle\) | 2024-11-21 | N/A |
| The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | ||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | ||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | ||||
| CVE-2005-1244 | 1 Netiq | 1 Pssecure | 2024-11-20 | N/A |
| Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that "neither NetIQ Security Manager nor our iSeries Security Solutions are vulnerable. | ||||
| CVE-2022-26322 | 1 Netiq | 1 Identity Manager Rest Driver | 2024-10-02 | 4.9 Medium |
| Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200. | ||||
| CVE-2024-4554 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-19 | 7.3 High |
| Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. | ||||
| CVE-2024-4555 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-12 | 7.7 High |
| Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | ||||
| CVE-2024-4556 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-12 | 5.7 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | ||||