Lucene search

K
MicrofocusAccess Manager

16 matches found

CVE
CVE
added 2021/03/26 2:15 p.m.975 views

CVE-2021-22506

Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.

7.5CVSS7.6AI score0.37554EPSS
CVE
CVE
added 2014/12/23 11:59 a.m.54 views

CVE-2014-5217

Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword a...

6.8CVSS7.2AI score0.00186EPSS
CVE
CVE
added 2022/05/12 7:15 p.m.54 views

CVE-2021-22531

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0

6.1CVSS5.9AI score0.00228EPSS
CVE
CVE
added 2014/12/23 11:59 a.m.40 views

CVE-2014-5216

Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp/jsp/x509err.jsp, (3) the l...

4.3CVSS5.6AI score0.07091EPSS
CVE
CVE
added 2014/12/23 11:59 a.m.39 views

CVE-2014-9412

Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a ...

4.3CVSS5.6AI score0.07091EPSS
CVE
CVE
added 2018/11/15 1:29 p.m.39 views

CVE-2018-12480

Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.

6.1CVSS6AI score0.0024EPSS
CVE
CVE
added 2018/11/20 6:29 p.m.39 views

CVE-2018-17948

An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.

6.1CVSS6.2AI score0.002EPSS
CVE
CVE
added 2014/12/23 11:59 a.m.37 views

CVE-2014-5214

nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declaration in conjunction with an entity reference, relat...

4CVSS6.2AI score0.005EPSS
CVE
CVE
added 2014/12/23 11:59 a.m.36 views

CVE-2014-5215

NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.

4CVSS6.2AI score0.00359EPSS
CVE
CVE
added 2021/03/26 2:15 p.m.36 views

CVE-2020-25840

Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction.

6.1CVSS6.2AI score0.00328EPSS
CVE
CVE
added 2021/09/13 12:15 p.m.32 views

CVE-2021-22526

Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

6.1CVSS5.6AI score0.00144EPSS
CVE
CVE
added 2021/09/13 12:15 p.m.30 views

CVE-2021-22524

Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

5.4CVSS5.3AI score0.00198EPSS
CVE
CVE
added 2021/09/13 12:15 p.m.30 views

CVE-2021-22527

Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

7.5CVSS6.6AI score0.00317EPSS
CVE
CVE
added 2021/09/13 12:15 p.m.30 views

CVE-2021-22528

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

8CVSS5.5AI score0.00355EPSS
CVE
CVE
added 2021/03/25 4:15 p.m.29 views

CVE-2021-22496

Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage.

7.5CVSS7.3AI score0.00279EPSS
CVE
CVE
added 2021/09/02 5:15 p.m.28 views

CVE-2021-22525

This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1

5.5CVSS5.3AI score0.00052EPSS