12 matches found
EUVD-2019-3317
Malware in sbrugna...
Micro Focus NetIQ Access Manager Installed (Windows)
Binary data microfocusnetiqaccessmanagerwininstalled.nbin...
Privilege escalation
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL...
CVE-2022-26329
The vulnerability CVE-2022-26329 affects NetIQ Identity Manager plugin (prior to version 4.8.5). It is a File Presence Disclosure vulnerability that lets an attacker determine whether a file exists on the filesystem. Affected products: Micro Focus NetIQ Identity Manager Identity Manager versions ...
Micro Focus NetIQ Access Manager Cross-Site Scripting Vulnerability (CNVD-2022-76231)
Micro Focus NetIQ Access Manager is a resource access control solution from Micro Focus, a UK-based company. A cross-site scripting vulnerability exists in versions prior to Micro Focus NetIQ Access Manager 5.0.2, which stems from a lack of data validation filtering of user-supplied data and...
Micro Focus NetIQ Self Service Password Reset Cross-Site Scripting Vulnerability
Micro Focus NetIQ Self Service Password Reset is a web-based password management solution. A cross-site scripting vulnerability exists in Micro Focus NetIQ Self Service Password Reset versions prior to 4.4, which can be exploited by attackers to conduct cross-site scripting attacks...
CVE-2019-11648
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information...
Cross site scripting
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack...
CVE-2019-11647
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack...
Micro Focus NetIQ Identity Manager Information Disclosure Vulnerability
Micro Focus NetIQ Identity Manager is a suite of identity management solutions from Micro Focus in the United Kingdom. The solution provides the foundation for account provisioning, user self-service, authorization, and Web services, and supports data sharing and synchronization.NetIQ Identity...
Micro Focus NetIQ Sentinel Server SentinelContext Authentication Bypass (CVE-2016-1605)
The vulnerability is due to a flaw in SentinelContext Java class that allows a user to retrieve a valid authentication cookie from the vulnerable server by providing "admin" user name in an HTTP request. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted HTTP...
Micro Focus NetIQ Sentinel Server ReportViewServlet Directory Traversal (CVE-2016-1605)
The vulnerability is due to insufficient validation of fileName parameter within the ReportViewServlet servlet. A remote, authenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation allows the attacker to read the content ...