3 matches found
CVE-2014-5217
CVE-2014-5217 affects NetIQ Access Manager (NAM) 4.x prior to 4.1. The CSRF in the webacc servlet allows an authenticated admin session to change the administrative password via fw.SetPassword. The vulnerability requires an authenticated administrator and is documented alongside other issues (XXE...
NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities
NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: NetIQ Access Manager vulnerable version: 4.0 SP1 fixed version: 4.0 SP...
NetIQ Access Manager < 4.0 SP1 Hot Fix 3 Multiple Vulnerabilities - Active Check
NetIQ Access Manager suffers from cross-site request forgery CSRF, XML external entity XXE injection, information disclosure, and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...