Netiq: >> Imanager >> 2.7.7 Security Vulnerabilities
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
CVSS Score
7.2
EPSS Score
0.004
Published
2023-01-26
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
CVSS Score
3.1
EPSS Score
0.002
Published
2018-03-21
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
CVSS Score
5.9
EPSS Score
0.001
Published
2018-03-21
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-03-21
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
CVSS Score
4.3
EPSS Score
0.002
Published
2018-03-02