Lucene search
K
MicrofocusImanager

22 matches found

CVE
CVE
added 2024/11/22 3:34 p.m.63 views

CVE-2021-38119

OpenText iManager 3.2.4.0000 is affected by a Possible Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2021-38119). Technical details across connected records confirm a reflected XSS issue in the web-based iManager interface. The PT-2024-10987 entry notes the vulnerability in OpenText iMa...

6.1CVSS6.1AI score0.003EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.60 views

CVE-2021-38116

CVE-2021-38116 affects OpenText OpenText iManager prior to version 3.2.5 and is described as a possible Elevation of Privilege vulnerability. The provided sources consistently indicate the issue impacts all versions before 3.2.5, with CVSS metrics from NVD and vendor sources showing a high severi...

8.8CVSS8.8AI score0.00602EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.57 views

CVE-2021-38134

CVE-2021-38134 : OpenText iManager 3.2.5.0000 has a reported cross-site scripting (XSS) issue in the iManager URL used for access. The connected PT Security advisory notes a possible XSS vulnerability in the iManager URL for the access component, with no public patch information available at this...

6.1CVSS6.1AI score0.00283EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.56 views

CVE-2023-24467

OpenText iManager 3.2.6.0000 is affected by CVE-2023-24467, described as a possible command injection in the iManager GET parameter. The issue is documented across multiple sources (NVD, Red Hat, CVE List, Vuln enrichment) with CVSS values indicating high to critical impact (network attack surfac...

9.8CVSS8.9AI score0.01075EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.55 views

CVE-2021-38117

CVE-2021-38117 affects OpenText iManager 3.2.4.0000. Provided connected records indicate a possible command injection vulnerability in the iManager component. CVSS scores in the sources show high severity (base 9.8/8.8 depending on metric, network attack with low complexity, no privileges, user i...

9.8CVSS9.1AI score0.01111EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.54 views

CVE-2021-38135

CVE-2021-38135 affects OpenText iManager 3.2.6.0000 with a described External Service Interaction attack. The connected documents provide only high-level vulnerability descriptions and version details; no concrete root-cause, vulnerable subcomponents, or exploit details are specified. Public scor...

9.8CVSS8.7AI score0.00443EPSS
CVE
CVE
added 2024/11/06 2:10 p.m.52 views

CVE-2020-11859

OpenText iManager CVE-2020-11859 is an Improper Input Validation vulnerability that enables Cross-Site Scripting (XSS) and affects iManager before 3.2.3. The vulnerability is documented across multiple sources (NVD, Red Hat) with the same affected condition: iManager versions prior to 3.2.3. The ...

7.6CVSS6.1AI score0.0033EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.52 views

CVE-2022-26324

CVE-2022-26324 affects OpenText iManager 3.2.6.0000, describing a possible cross-site scripting (XSS) vulnerability in the iManager URL for access. The CVSS metrics indicate a network-accessible, low-privilege, user-interaction-requiring issue with confidentiality/integrity impacts (C:L, I:L and ...

7.6CVSS7.3AI score0.00278EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.52 views

CVE-2023-24466

CVE-2023-24466 affects OpenText iManager 3.2.6.0200 with a possible XML External Entity Injection via the iManager GET parameter. The vulnerability is described across multiple sources as enabling an attack with high impact on confidentiality, integrity, and availability (per NVD and related CVSS...

9.8CVSS7.6AI score0.00528EPSS
CVE
CVE
added 2024/11/22 3:34 p.m.50 views

CVE-2021-38118

CVE-2021-38118 describes a possible improper input validation vulnerability in OpenText iManager 3.2.4.0000. Multiple sources (NVD, Red Hat, CVE listing) identify the affected product as OpenText iManager, with the issue located in the iManager component and related to input validation. The NVD e...

7.8CVSS5.6AI score0.0021EPSS
CVE
CVE
added 2024/05/15 4:44 p.m.44 views

CVE-2024-3483

CVE-2024-3483 affects OpenText iManager 3.2.6.0200, with a Remote Code Execution vulnerability that can trigger command injection and insecure deserialization. Public references in multiple feeds (NVD, Red Hat, CVE lists) corroborate RCE with high impact (C/H/I/A). The CVSS data indicates network...

9.8CVSS7.6AI score0.00983EPSS
CVE
CVE
added 2024/05/28 2:38 p.m.44 views

CVE-2024-3969

CVE-2024-3969 affects OpenText iManager 3.2.6.0200 and is described as an XML External Entity (XXE) injection vulnerability that could lead to remote code execution by parsing untrusted XML payloads. The public records indicate a CVSSv3.1 base score of 9.8 (CRITICAL) with network attack vector, n...

9.8CVSS8AI score0.005EPSS
CVE
CVE
added 2024/05/15 4:47 p.m.41 views

CVE-2024-3488

CVE-2024-3488 concerns OpenText iManager 3.2.6.0200 with a file-upload vulnerability in an unauthenticated session. Multiple connected sources confirm that an attacker could upload a file without authentication, potentially affecting confidentiality, integrity, and availability of the system as r...

9.8CVSS6.8AI score0.0037EPSS
CVE
CVE
added 2024/05/15 4:39 p.m.41 views

CVE-2024-3968

OpenText iManager 3.2.6.0200 is affected by CVE-2024-3968, a Remote Code Execution vulnerability that can be triggered via a custom file upload task. The vulnerability is documented with high-severity scores (NVD CVSSv3.1: 9.8/CRITICAL; Community security note with 7.8/HIGH) and indicates an atta...

9.8CVSS8AI score0.00672EPSS
CVE
CVE
added 2018/12/12 2:0 p.m.39 views

CVE-2018-17949

The CVE-2018-17949 entry corresponds to a cross-site scripting (XSS) vulnerability in Micro Focus NetIQ iManager prior to version 3.1 SP2. The cited CNVD/NVD records describe it as a web-based iManager vulnerability that can be exposed via the iManager web interface, with remote exposure and impa...

6.1CVSS6AI score0.00647EPSS
CVE
CVE
added 2024/05/15 4:46 p.m.39 views

CVE-2024-3486

CVE-2024-3486 describes an XML External Entity (XXE) injection vulnerability in OpenText iManager 3.2.6.0200. Public sources consistently identify the affected component as iManager, with the root cause being an XXE flaw that could enable information disclosure and remote code execution. The NVD ...

9.8CVSS7.4AI score0.00474EPSS
CVE
CVE
added 2024/05/15 4:47 p.m.39 views

CVE-2024-3487

CVE-2024-3487 affects OpenText iManager 3.2.6.0200. Multiple connected sources (PT-2024-26236) confirm a Broken Authentication issue that allows an attacker to manipulate certain parameters to bypass authentication, i.e., bypassing login controls. The record also notes there is currently no infor...

9.8CVSS6.8AI score0.00419EPSS
CVE
CVE
added 2024/05/15 4:45 p.m.36 views

CVE-2024-3485

The CVE-2024-3485 entry describes a Server-Side Request Forgery in OpenText iManager 3.2.6.0200. Affected software: OpenText iManager (version 3.2.6.0200). Issue: SSRF in the iManager component that could lead to disclosure of sensitive information. Documented exploit characteristics include CVSS...

7.5CVSS6.4AI score0.00257EPSS
CVE
CVE
added 2024/05/15 4:40 p.m.34 views

CVE-2024-3967

The CVE-2024-3967 entry concerns OpenText iManager 3.2.6.0200, where a vulnerability in unsafe Java object deserialization can lead to Remote Code Execution. Documented impact is High/CRITICAL per CVSS, with potential for execution without user interaction over NETWORK (NVD metrics) and adjacent ...

9.8CVSS7.9AI score0.00635EPSS
CVE
CVE
added 2024/05/15 4:44 p.m.32 views

CVE-2024-3484

CVE-2024-3484 affects OpenText iManager 3.2.6.0200 and is a path traversal vulnerability that can lead to privilege escalation or file disclosure. The available connected documents confirm the affected product and the underlying issue (path traversal) but do not provide concrete exploit details o...

9.8CVSS6.8AI score0.00507EPSS
CVE
CVE
added 2024/05/15 4:39 p.m.28 views

CVE-2024-3970

OpenText iManager 3.2.6.0200 is affected by a Server-Side Request Forgery vulnerability that could lead to sensitive information disclosure via directory traversal. The CVE-2024-3970 entry notes an exploitable condition with impact on confidentiality and requires no user interaction (CVSS v3.1: b...

7.5CVSS6.5AI score0.0051EPSS
CVE
CVE
added 2024/05/28 2:38 p.m.25 views

CVE-2024-4429

OpenText iManager 3.2.6.0200 is affected by a Cross-Site Request Forgery vulnerability. The issue could lead to sensitive information disclosure as described in CVE-2024-4429. Connected sources confirm the vulnerable component is the OpenText iManager web console, with the root cause tied to CSRF...

7.4CVSS5.2AI score0.00181EPSS