22 matches found
CVE-2021-38119
OpenText iManager 3.2.4.0000 is affected by a Possible Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2021-38119). Technical details across connected records confirm a reflected XSS issue in the web-based iManager interface. The PT-2024-10987 entry notes the vulnerability in OpenText iMa...
CVE-2021-38116
CVE-2021-38116 affects OpenText OpenText iManager prior to version 3.2.5 and is described as a possible Elevation of Privilege vulnerability. The provided sources consistently indicate the issue impacts all versions before 3.2.5, with CVSS metrics from NVD and vendor sources showing a high severi...
CVE-2021-38134
CVE-2021-38134 : OpenText iManager 3.2.5.0000 has a reported cross-site scripting (XSS) issue in the iManager URL used for access. The connected PT Security advisory notes a possible XSS vulnerability in the iManager URL for the access component, with no public patch information available at this...
CVE-2023-24467
OpenText iManager 3.2.6.0000 is affected by CVE-2023-24467, described as a possible command injection in the iManager GET parameter. The issue is documented across multiple sources (NVD, Red Hat, CVE List, Vuln enrichment) with CVSS values indicating high to critical impact (network attack surfac...
CVE-2021-38117
CVE-2021-38117 affects OpenText iManager 3.2.4.0000. Provided connected records indicate a possible command injection vulnerability in the iManager component. CVSS scores in the sources show high severity (base 9.8/8.8 depending on metric, network attack with low complexity, no privileges, user i...
CVE-2021-38135
CVE-2021-38135 affects OpenText iManager 3.2.6.0000 with a described External Service Interaction attack. The connected documents provide only high-level vulnerability descriptions and version details; no concrete root-cause, vulnerable subcomponents, or exploit details are specified. Public scor...
CVE-2020-11859
OpenText iManager CVE-2020-11859 is an Improper Input Validation vulnerability that enables Cross-Site Scripting (XSS) and affects iManager before 3.2.3. The vulnerability is documented across multiple sources (NVD, Red Hat) with the same affected condition: iManager versions prior to 3.2.3. The ...
CVE-2022-26324
CVE-2022-26324 affects OpenText iManager 3.2.6.0000, describing a possible cross-site scripting (XSS) vulnerability in the iManager URL for access. The CVSS metrics indicate a network-accessible, low-privilege, user-interaction-requiring issue with confidentiality/integrity impacts (C:L, I:L and ...
CVE-2023-24466
CVE-2023-24466 affects OpenText iManager 3.2.6.0200 with a possible XML External Entity Injection via the iManager GET parameter. The vulnerability is described across multiple sources as enabling an attack with high impact on confidentiality, integrity, and availability (per NVD and related CVSS...
CVE-2021-38118
CVE-2021-38118 describes a possible improper input validation vulnerability in OpenText iManager 3.2.4.0000. Multiple sources (NVD, Red Hat, CVE listing) identify the affected product as OpenText iManager, with the issue located in the iManager component and related to input validation. The NVD e...
CVE-2024-3483
CVE-2024-3483 affects OpenText iManager 3.2.6.0200, with a Remote Code Execution vulnerability that can trigger command injection and insecure deserialization. Public references in multiple feeds (NVD, Red Hat, CVE lists) corroborate RCE with high impact (C/H/I/A). The CVSS data indicates network...
CVE-2024-3969
CVE-2024-3969 affects OpenText iManager 3.2.6.0200 and is described as an XML External Entity (XXE) injection vulnerability that could lead to remote code execution by parsing untrusted XML payloads. The public records indicate a CVSSv3.1 base score of 9.8 (CRITICAL) with network attack vector, n...
CVE-2024-3488
CVE-2024-3488 concerns OpenText iManager 3.2.6.0200 with a file-upload vulnerability in an unauthenticated session. Multiple connected sources confirm that an attacker could upload a file without authentication, potentially affecting confidentiality, integrity, and availability of the system as r...
CVE-2024-3968
OpenText iManager 3.2.6.0200 is affected by CVE-2024-3968, a Remote Code Execution vulnerability that can be triggered via a custom file upload task. The vulnerability is documented with high-severity scores (NVD CVSSv3.1: 9.8/CRITICAL; Community security note with 7.8/HIGH) and indicates an atta...
CVE-2018-17949
The CVE-2018-17949 entry corresponds to a cross-site scripting (XSS) vulnerability in Micro Focus NetIQ iManager prior to version 3.1 SP2. The cited CNVD/NVD records describe it as a web-based iManager vulnerability that can be exposed via the iManager web interface, with remote exposure and impa...
CVE-2024-3486
CVE-2024-3486 describes an XML External Entity (XXE) injection vulnerability in OpenText iManager 3.2.6.0200. Public sources consistently identify the affected component as iManager, with the root cause being an XXE flaw that could enable information disclosure and remote code execution. The NVD ...
CVE-2024-3487
CVE-2024-3487 affects OpenText iManager 3.2.6.0200. Multiple connected sources (PT-2024-26236) confirm a Broken Authentication issue that allows an attacker to manipulate certain parameters to bypass authentication, i.e., bypassing login controls. The record also notes there is currently no infor...
CVE-2024-3485
The CVE-2024-3485 entry describes a Server-Side Request Forgery in OpenText iManager 3.2.6.0200. Affected software: OpenText iManager (version 3.2.6.0200). Issue: SSRF in the iManager component that could lead to disclosure of sensitive information. Documented exploit characteristics include CVSS...
CVE-2024-3967
The CVE-2024-3967 entry concerns OpenText iManager 3.2.6.0200, where a vulnerability in unsafe Java object deserialization can lead to Remote Code Execution. Documented impact is High/CRITICAL per CVSS, with potential for execution without user interaction over NETWORK (NVD metrics) and adjacent ...
CVE-2024-3484
CVE-2024-3484 affects OpenText iManager 3.2.6.0200 and is a path traversal vulnerability that can lead to privilege escalation or file disclosure. The available connected documents confirm the affected product and the underlying issue (path traversal) but do not provide concrete exploit details o...
CVE-2024-3970
OpenText iManager 3.2.6.0200 is affected by a Server-Side Request Forgery vulnerability that could lead to sensitive information disclosure via directory traversal. The CVE-2024-3970 entry notes an exploitable condition with impact on confidentiality and requires no user interaction (CVSS v3.1: b...
CVE-2024-4429
OpenText iManager 3.2.6.0200 is affected by a Cross-Site Request Forgery vulnerability. The issue could lead to sensitive information disclosure as described in CVE-2024-4429. Connected sources confirm the vulnerable component is the OpenText iManager web console, with the root cause tied to CSRF...