Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7429 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | |||||
CVE-2018-12461 | 1 Netiq | 1 Edirectory | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation. | |||||
CVE-2018-1346 | 1 Netiq | 1 Edirectory | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Addresses denial of service attack to eDirectory versions prior to 9.1. | |||||
CVE-2017-9285 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | |||||
CVE-2017-5186 | 2 Netiq, Novell | 4 Edirectory, Imanager, Edirectory and 1 more | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate. |