Shodan
Vulnerabilities
Vulnerable Software
Microfocus:  Security Vulnerabilities
CVE-2021-22509
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1
CVSS Score
8.1
EPSS Score
0.001
Published
2024-08-28
CVE-2020-11846
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.
CVSS Score
8.7
EPSS Score
0.001
Published
2024-08-21
CVE-2020-11847
SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1.
CVSS Score
8.2
EPSS Score
0.001
Published
2024-08-21
CVE-2020-11850
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6
CVSS Score
7.3
EPSS Score
0.001
Published
2024-08-21
CVE-2024-4429
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-05-28
CVE-2024-3969
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload
CVSS Score
7.8
EPSS Score
0.012
Published
2024-05-28
CVE-2024-3970
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-05-15
CVE-2024-3487
Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication.
CVSS Score
3.5
EPSS Score
0.001
Published
2024-05-15
CVE-2024-3488
File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication.
CVSS Score
5.6
EPSS Score
0.003
Published
2024-05-15
CVE-2024-3967
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization.
CVSS Score
7.6
EPSS Score
0.011
Published
2024-05-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved