Netiq: Security Vulnerabilities
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.
CVSS Score
2.1
EPSS Score
0.002
Published
2018-03-28
The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information.
CVSS Score
3.9
EPSS Score
0.003
Published
2018-03-28
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-03-26
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration.
CVSS Score
2.3
EPSS Score
0.002
Published
2018-03-26
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration.
CVSS Score
2.3
EPSS Score
0.002
Published
2018-03-26
The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.
CVSS Score
5.1
EPSS Score
0.002
Published
2018-03-26
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
CVSS Score
3.1
EPSS Score
0.002
Published
2018-03-21
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
CVSS Score
5.9
EPSS Score
0.001
Published
2018-03-21
Addresses denial of service attack to eDirectory versions prior to 9.1.
CVSS Score
3.1
EPSS Score
0.003
Published
2018-03-21
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-03-21