Filtered by vendor Openiam
Filtered by product Openiam
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-13419 1 Openiam 1 Openiam 2024-08-04 5.3 Medium
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task.
CVE-2020-13420 1 Openiam 1 Openiam 2024-08-04 9.8 Critical
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script.
CVE-2020-13418 1 Openiam 1 Openiam 2024-08-04 6.1 Medium
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature.
CVE-2020-13421 1 Openiam 1 Openiam 2024-08-04 9.8 Critical
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions.
CVE-2020-13422 1 Openiam 1 Openiam 2024-08-04 8.1 High
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions.