Edirectory Security Vulnerabilities and Issues — Edirectory CVE List

Lucene search

MicrofocusEdirectory

16 matches found

CVE•added 2012/12/25 12:13 p.m.•127 views

CVE-2012-0432

Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.

10CVSS7.1AI score0.85177EPSS

CVE•added 2024/09/12 1:15 p.m.•53 views

CVE-2021-22532

Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered inOpenText™eDirectory before 9.2.4.0000.

7.6CVSS7.5AI score0.00232EPSS

CVE•added 2012/12/25 12:13 p.m.•45 views

CVE-2012-0430

Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.

6.4CVSS6.7AI score0.00277EPSS

CVE•added 2024/09/12 1:15 p.m.•43 views

CVE-2021-22533

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered inOpenText™ eDirectory 9.2.4.0000.

9.1CVSS6.9AI score0.00131EPSS

CVE•added 2024/09/12 1:15 p.m.•42 views

CVE-2021-38133

PossibleExternal Service Interaction attack in eDirectory has been discovered inOpenText™ eDirectory. This impact all version before 9.2.6.0000.

7.4CVSS6.9AI score0.00092EPSS

CVE•added 2012/12/25 12:13 p.m.•38 views

CVE-2012-0428

Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00256EPSS

CVE•added 2024/09/12 1:15 p.m.•38 views

CVE-2021-38132

PossibleExternal Service Interaction attack in eDirectory has been discovered inOpenText™ eDirectory. This impact all version before 9.2.6.0000.

9.8CVSS5.8AI score0.00165EPSS

CVE•added 2012/12/25 12:13 p.m.•37 views

CVE-2012-0429

dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.

4CVSS6.3AI score0.00625EPSS

CVE•added 2018/03/02 8:29 p.m.•35 views

CVE-2017-7429

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

8.8CVSS8.8AI score0.00205EPSS

CVE•added 2024/09/12 1:15 p.m.•35 views

CVE-2021-38131

Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered inOpenText™ eDirectory 9.2.5.0000.

6.1CVSS5.5AI score0.0007EPSS

CVE•added 2018/03/02 8:29 p.m.•34 views

CVE-2017-9285

NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.

9.8CVSS7.4AI score0.0022EPSS

CVE•added 2018/12/12 2:29 p.m.•34 views

CVE-2018-17952

Cross site scripting vulnerability in eDirectory prior to 9.1 SP2

6.1CVSS6AI score0.0024EPSS

CVE•added 2024/09/12 1:15 p.m.•34 views

CVE-2021-22503

PossibleImproper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered inOpenText™ eDirectory 9.2.3.0000.

6.1CVSS5.7AI score0.0007EPSS

CVE•added 2018/08/09 9:29 p.m.•33 views

CVE-2018-7686

Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.

7.5CVSS7.4AI score0.00316EPSS

CVE•added 2018/08/09 9:29 p.m.•31 views

CVE-2018-7692

Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.

6.1CVSS6.2AI score0.002EPSS

CVE•added 2018/12/12 2:29 p.m.•29 views

CVE-2018-17950

Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2

7.5CVSS7.5AI score0.00198EPSS