Filtered by vendor Netiq
Subscribe
Total
69 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4509 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 4.6 MEDIUM | N/A |
| The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | |||||
| CVE-2007-4526 | 2 Netiq, Novell | 2 Identity Manager, Client Login Extension \(cle\) | 2024-11-21 | 2.1 LOW | N/A |
| The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | |||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 7.2 HIGH | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | |||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2024-11-21 | 3.6 LOW | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | |||||
| CVE-2005-1244 | 1 Netiq | 1 Pssecure | 2024-11-20 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this issue, saying that "neither NetIQ Security Manager nor our iSeries Security Solutions are vulnerable. | |||||
| CVE-2022-26322 | 1 Netiq | 1 Identity Manager Rest Driver | 2024-10-02 | N/A | 7.5 HIGH |
| Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenTextâ„¢ Identity Manager REST Driver. This impact version before 1.1.2.0200. | |||||
| CVE-2020-11843 | 1 Netiq | 1 Access Manager | 2024-08-23 | N/A | 6.5 MEDIUM |
| This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before | |||||
| CVE-2022-38758 | 1 Netiq | 1 Imanager | 2024-02-28 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL. | |||||
| CVE-2022-26329 | 1 Netiq | 1 Identity Manager | 2024-02-28 | N/A | 5.3 MEDIUM |
| File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL. | |||||