Lucene search

NetIQ EDirectory Security Vulnerabilities

cve

CVE-2017-7429

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager...

8.8CVSS

8.7AI Score

0.002EPSS

2018-03-02 08:29 PM

cve

CVE-2017-5186

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications...

7.5CVSS

7.5AI Score

0.008EPSS

2017-04-27 02:59 PM

cve

CVE-2017-9285

NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory...

9.8CVSS

9.3AI Score

0.003EPSS

2018-03-02 08:29 PM

cve

CVE-2018-12461

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate...

7.5CVSS

7.5AI Score

0.001EPSS

2018-07-10 06:29 PM

cve

CVE-2018-1346

Addresses denial of service attack to eDirectory versions prior to...

7.5CVSS

7.4AI Score

0.001EPSS

2018-03-21 02:29 PM

cve

CVE-2018-12480

Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4...

6.1CVSS

5.9AI Score

0.001EPSS

2018-11-15 01:29 PM

cve

CVE-2018-19645

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to...

9.8CVSS

9.3AI Score

0.003EPSS

2019-02-12 08:29 PM

cve

CVE-2014-4509

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell...

7.4AI Score

0.0004EPSS

2014-06-21 03:55 PM