Access Manager Security Vulnerabilities and Issues — Access Manager CVE List

Lucene search

MicrofocusAccess Manager

6 matches found

CVE•added 2014/12/23 11:59 a.m.•54 views

CVE-2014-5217

Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword a...

6.8CVSS7.2AI score0.00186EPSS

CVE•added 2022/05/12 7:15 p.m.•54 views

CVE-2021-22531

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0

6.1CVSS5.9AI score0.00228EPSS

CVE•added 2018/11/15 1:29 p.m.•39 views

CVE-2018-12480

Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/11/20 6:29 p.m.•39 views

CVE-2018-17948

An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.

6.1CVSS6.2AI score0.002EPSS

CVE•added 2021/03/26 2:15 p.m.•36 views

CVE-2020-25840

Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction.

6.1CVSS6.2AI score0.00328EPSS

CVE•added 2021/09/13 12:15 p.m.•32 views

CVE-2021-22526

Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

6.1CVSS5.6AI score0.00144EPSS