Lucene search

[email protected]CVE-2022-38758

HistoryJan 26, 2023 - 9:15 p.m.

CVE-2022-38758

2023-01-2621:15:49

CWE-79

[email protected]

web.nvd.nist.gov

cve-2022-38758

cross-site scripting

xss vulnerability

netiq imanager

nvd

security

micro focus

7.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L

0.001 Low

EPSS

Percentile

27.3%

JSON

Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user’s browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.

Affected configurations

NVD

Node

netiqimanagerRange<3.2.6

CPENameOperatorVersion
netiq:imanagernetiq imanagerlt3.2.6

CPE	Name	Operator	Version
netiq:imanager	netiq imanager	lt	3.2.6

CNA Affected

[
  {
    "vendor": "Micro Focus",
    "product": "NetIQ iManager",
    "versions": [
      {
        "version": "NetIQ iManager",
        "status": "affected",
        "lessThan": "3.2.6",
        "versionType": "custom"
      }
    ],
    "platforms": [
      "ALL"
    ]
  }
]

References

www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html

7.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L

0.001 Low

EPSS

Percentile

27.3%

JSON

Related for CVE-2022-38758

prion1 cvelist1 nvd1