Vulnerabilities (CVE)

Filtered by vendor Microfocus Subscribe
Filtered by product Edirectory
Total 16 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7692 1 Microfocus 1 Edirectory 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
CVE-2018-7686 1 Microfocus 1 Edirectory 2024-11-21 5.0 MEDIUM 7.5 HIGH
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
CVE-2018-17952 1 Microfocus 1 Edirectory 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2
CVE-2018-17950 1 Microfocus 1 Edirectory 2024-11-21 5.0 MEDIUM 7.5 HIGH
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
CVE-2017-9285 2 Microfocus, Netiq 2 Edirectory, Edirectory 2024-11-21 7.5 HIGH 5.4 MEDIUM
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
CVE-2017-7429 2 Microfocus, Netiq 2 Edirectory, Edirectory 2024-11-21 6.5 MEDIUM 8.8 HIGH
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
CVE-2012-0432 1 Microfocus 1 Edirectory 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2012-0430 1 Microfocus 1 Edirectory 2024-11-21 6.4 MEDIUM N/A
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
CVE-2012-0429 1 Microfocus 1 Edirectory 2024-11-21 4.0 MEDIUM N/A
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
CVE-2012-0428 1 Microfocus 1 Edirectory 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2021-22503 1 Microfocus 1 Edirectory 2024-09-19 N/A 6.1 MEDIUM
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.
CVE-2021-22533 1 Microfocus 1 Edirectory 2024-09-19 N/A 9.1 CRITICAL
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000.
CVE-2021-22532 1 Microfocus 1 Edirectory 2024-09-19 N/A 7.5 HIGH
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
CVE-2021-38133 1 Microfocus 1 Edirectory 2024-09-18 N/A 6.5 MEDIUM
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38132 1 Microfocus 1 Edirectory 2024-09-18 N/A 9.8 CRITICAL
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38131 1 Microfocus 1 Edirectory 2024-09-18 N/A 6.1 MEDIUM
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.