Shodan
Vulnerabilities
Vulnerable Software
Netiq:  >> Identity Manager  >> 4.6  Security Vulnerabilities
CVE-2022-26329
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL.
CVSS Score
1.8
EPSS Score
0.003
Published
2023-01-26
CVE-2017-9284
IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-04-26
CVE-2018-7674
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.
CVSS Score
2.1
EPSS Score
0.002
Published
2018-03-28
CVE-2018-7676
The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information.
CVSS Score
3.9
EPSS Score
0.003
Published
2018-03-28
CVE-2018-1348
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-03-26
CVE-2018-1349
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration.
CVSS Score
2.3
EPSS Score
0.002
Published
2018-03-26
CVE-2018-1350
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration.
CVSS Score
2.3
EPSS Score
0.002
Published
2018-03-26
CVE-2018-7673
The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.
CVSS Score
5.1
EPSS Score
0.002
Published
2018-03-26
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the Object Selector, via vdtData in the Version discovery and via nextFrame in the Object Inspector and via Host GUID in the System details plugins.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-05
CVE-2017-7426
The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved