Lucene search
K
MicrofocusEdirectory

16 matches found

CVE
CVE
added 2012/12/25 11:0 a.m.146 views

CVE-2012-0432

CVE-2012-0432 describes a stack-based buffer overflow in the NetIQ eDirectory (Novell eDirectory) NCP stack (ndsd) for version 8.8.7.x prior to 8.8.7.2. The root cause is improper bounds checking in the NCP handling (KeyedObjectLogin path), enabling remote attackers to cause a likely remote code ...

10CVSS7.1AI score0.58702EPSS
CVE
CVE
added 2024/09/12 12:44 p.m.66 views

CVE-2021-22532

OpenText eDirectory is affected by CVE-2021-22532, with a possible NLDAP Denial of Service vulnerability in OpenText eDirectory before 9.2.4.0000. Connected sources (RH, NVD, CVE lists) consistently describe this as a network-based issue that can impact availability, originating from NLDAP proces...

7.6CVSS7.5AI score0.00369EPSS
CVE
CVE
added 2024/09/12 12:43 p.m.60 views

CVE-2021-22533

OpenText eDirectory 9.2.4.0000 is affected by CVE-2021-22533, described as a vulnerability that could allow insertion of sensitive information into log files. The issue targets the logging mechanism in eDirectory and is documented across multiple sources (including NVD/Red Hat pages). The CVE’s i...

9.1CVSS6.9AI score0.00438EPSS
CVE
CVE
added 2012/12/25 11:0 a.m.56 views

CVE-2012-0430

CVE-2012-0430 affects NetIQ eDirectory 8.8.6.x (before 8.8.6.7) and 8.8.7.x (before 8.8.7.2) on Windows. The vulnerability allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. Multiple connected sources corroborate this CVE as part of a se...

6.4CVSS6.7AI score0.02207EPSS
CVE
CVE
added 2018/12/12 2:0 p.m.56 views

CVE-2018-17950

CVE-2018-17950: Affects NetIQ eDirectory prior to version 9.1 SP2. The issue is an authorization check error where checks are not enforced correctly, enabling potential integrity impact (I = HIGH) without credentials over a network (attack vector: NETWORK, complexity: LOW). The NVD metrics descri...

7.5CVSS7.5AI score0.00834EPSS
CVE
CVE
added 2024/09/12 12:41 p.m.56 views

CVE-2021-38133

OpenText eDirectory is affected by CVE-2021-38133 in versions prior to 9.2.6.0000. The vulnerability is described as an External Service Interaction attack affecting authentication, with CVSS v3.1 base scores indicating high/medium severity (C:H, UI:R, network attack). Root cause is not explicitl...

7.4CVSS6.9AI score0.00326EPSS
CVE
CVE
added 2024/09/12 12:42 p.m.52 views

CVE-2021-38132

CVE-2021-38132 affects OpenText eDirectory prior to version 9.2.6.0000. The vulnerability is described as an External Service Interaction in eDirectory, with the NVD metric set to CVSSv3.1: 9.8 (CRITICAL) impact on confidentiality, integrity, and availability, attack vector NETWORK, no privileges...

9.8CVSS5.8AI score0.00396EPSS
CVE
CVE
added 2024/09/12 12:42 p.m.49 views

CVE-2021-38131

CVE-2021-38131 is an XSS vulnerability reported in OpenText OpenText eDirectory 9.2.5.0000. The provided documents consistently identify a cross-site scripting issue in this version; no further technical specifics (e.g., vulnerable component, root cause) or exploit details are given. CVSS referen...

6.1CVSS5.5AI score0.00231EPSS
CVE
CVE
added 2012/12/25 11:0 a.m.48 views

CVE-2012-0428

CVE-2012-0428 affects NetIQ eDirectory 8.8.x: a Cross-site Scripting (XSS) vulnerability in the web interface allows remote attackers to inject arbitrary script/HTML via unspecified vectors. The vulnerability exists in 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2, with the impact on the user...

4.3CVSS5.7AI score0.01792EPSS
CVE
CVE
added 2024/09/12 12:44 p.m.48 views

CVE-2021-22503

CVE-2021-22503 corresponds to a vulnerability in OpenText eDirectory 9.2.3.0000 related to improper neutralization of input during web page generation. Multiple sources (NVD, Red Hat advisory) describe the issue as affecting eDirectory and provide CVSS metrics: NETWORK attack, LOW to MEDIUM impac...

6.1CVSS5.7AI score0.00231EPSS
CVE
CVE
added 2018/12/12 2:0 p.m.46 views

CVE-2018-17952

CVE-2018-17952 is a cross-site scripting vulnerability in Micro Focus NetIQ eDirectory versions prior to 9.1 SP2. The NVD entry lists a CVSS‑3 base score of 6.1 (MEDIUM) with network attack, low complexity, no privileges required, but user interaction required, and low impacts to confidentiality ...

6.1CVSS6AI score0.00647EPSS
CVE
CVE
added 2012/12/25 11:0 a.m.45 views

CVE-2012-0429

CVE-2012-0429 affects NetIQ/Novell eDirectory 8.8.6.x (before 8.8.6.7) and 8.8.7.x (before 8.8.7.2) on Windows. The vulnerability is in the dhost component where crafted characters in an HTTP request allow remote authenticated users to trigger a denial of service (daemon crash). Impact as reporte...

4CVSS6.3AI score0.01878EPSS
CVE
CVE
added 2018/03/02 8:0 p.m.45 views

CVE-2017-7429

The CVE concerns NetIQ eDirectory PKI plugin prior to 8.8.8 Patch 10 Hotfix 1, where the certificate upload function can be abused to upload JSP code. This allows an authenticated attacker to execute JSP applets on the iManager server. Affected product: Micro Focus NetIQ eDirectory PKI plugin (ve...

8.8CVSS8.8AI score0.00858EPSS
CVE
CVE
added 2018/03/02 8:0 p.m.44 views

CVE-2017-9285

NetIQ eDirectory is affected on versions before 9.0 SP4 where the ebaclient login path did not enforce login restrictions, enabling unpermitted access to eDirectory services. Root cause: inadequate enforcement of authentication when ebaclient is used. Impact: potential exposure of confidential da...

9.8CVSS7.4AI score0.01212EPSS
CVE
CVE
added 2018/08/09 9:0 p.m.44 views

CVE-2018-7686

NetIQ eDirectory prior to 9.1.1 HF1 is affected by an information disclosure vulnerability caused by shared memory usage. Exploitation could allow an attacker to obtain partial/confidential information via network access. The CVSS data indicates a network-based attack with high impact on confiden...

7.5CVSS7.4AI score0.01392EPSS
CVE
CVE
added 2018/08/09 9:0 p.m.40 views

CVE-2018-7692

CVE-2018-7692 is an unvalidated redirect vulnerability in Micro Focus NetIQ eDirectory prior to 9.1.1 HF1. The connected SUSE/CNVD entries confirm an open redirect issue in eDirectory versions before 9.1.1 HF1, caused by insufficient validation of redirect targets. Impact details in the sources i...

6.1CVSS6.2AI score0.00648EPSS