Imanager Security Vulnerabilities and Issues — Imanager CVE List

Lucene search

MicrofocusImanager

21 matches found

CVE•added 2024/11/22 4:15 p.m.•47 views

CVE-2021-38119

Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered inOpenText™ iManager 3.2.4.0000.

6.1CVSS6.1AI score0.0004EPSS

CVE•added 2024/11/22 4:15 p.m.•44 views

CVE-2021-38116

Possible Elevation of Privilege Vulnerability in iManager has been discovered inOpenText™ iManager. This impacts all versions before 3.2.5

8.8CVSS8.8AI score0.00087EPSS

CVE•added 2024/11/22 4:15 p.m.•43 views

CVE-2021-38134

Possible XSS in iManager URL for access Component has been discovered inOpenText™ iManager 3.2.5.0000.

6.1CVSS6.1AI score0.0004EPSS

CVE•added 2024/11/22 4:15 p.m.•42 views

CVE-2021-38117

Possible Command injection Vulnerability in iManager has been discovered inOpenText™ iManager 3.2.4.0000.

9.8CVSS9.1AI score0.00583EPSS

CVE•added 2024/11/22 4:15 p.m.•42 views

CVE-2023-24466

Possible XML External Entity Injection in iManager GET parameter has been discovered inOpenText™ iManager 3.2.6.0200.

9.8CVSS7.6AI score0.00053EPSS

CVE•added 2024/11/22 4:15 p.m.•42 views

CVE-2023-24467

Possible Command Injection in iManager GET parameter has been discovered inOpenText™ iManager 3.2.6.0000.

9.8CVSS8.9AI score0.00583EPSS

CVE•added 2024/11/22 4:15 p.m.•41 views

CVE-2021-38118

Possible improper input validation Vulnerability in iManager has been discovered inOpenText™ iManager 3.2.4.0000.

7.8CVSS5.6AI score0.00023EPSS

CVE•added 2024/11/22 4:15 p.m.•41 views

CVE-2021-38135

PossibleExternal Service Interaction attack in iManager has been discovered inOpenText™ iManager 3.2.6.0000.

9.8CVSS8.7AI score0.00072EPSS

CVE•added 2024/11/22 4:15 p.m.•40 views

CVE-2022-26324

Possible XSS in iManager URL for access Component has been discovered inOpenText™ iManager 3.2.6.0000.

7.6CVSS7.3AI score0.0004EPSS

CVE•added 2024/11/06 2:15 p.m.•39 views

CVE-2020-11859

Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3

7.6CVSS6.1AI score0.00084EPSS

CVE•added 2024/05/28 3:15 p.m.•31 views

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload

9.8CVSS8AI score0.01166EPSS

CVE•added 2024/05/15 5:15 p.m.•29 views

CVE-2024-3483

Remote CodeExecution has been discovered inOpenText™ iManager 3.2.6.0200. The vulnerability cantrigger command injection and insecure deserialization issues.

9.8CVSS7.6AI score0.00125EPSS

CVE•added 2024/05/15 5:15 p.m.•28 views

CVE-2024-3968

Remote CodeExecution has been discovered inOpenText™ iManager 3.2.6.0200. The vulnerability cantrigger remote code execution using custom file upload task.

9.8CVSS8AI score0.01936EPSS

CVE•added 2024/05/15 5:15 p.m.•25 views

CVE-2024-3488

File Upload vulnerability in unauthenticatedsession found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload afile without authentication.

9.8CVSS6.8AI score0.00255EPSS

CVE•added 2024/05/15 5:15 p.m.•23 views

CVE-2024-3486

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution.

9.8CVSS7.4AI score0.02927EPSS

CVE•added 2024/05/15 5:15 p.m.•23 views

CVE-2024-3487

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. Thisvulnerability allows an attacker to manipulate certain parameters to bypassauthentication.

9.8CVSS6.8AI score0.00063EPSS

CVE•added 2024/05/15 5:15 p.m.•20 views

CVE-2024-3484

Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalationor file disclosure.

9.8CVSS6.8AI score0.0037EPSS

CVE•added 2024/05/15 5:15 p.m.•20 views

CVE-2024-3485

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Thiscould lead to senstive information disclosure.

7.5CVSS6.4AI score0.00132EPSS

CVE•added 2024/05/15 5:15 p.m.•18 views

CVE-2024-3967

Remote CodeExecution has been discovered inOpenText™ iManager 3.2.6.0200. The vulnerability cantrigger remote code execution unisng unsafe java object deserialization.

9.8CVSS7.9AI score0.00982EPSS

CVE•added 2024/05/15 5:15 p.m.•17 views

CVE-2024-3970

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Thiscould lead to senstive information disclosure by directory traversal.

7.5CVSS6.5AI score0.00036EPSS

CVE•added 2024/05/28 3:15 p.m.•14 views

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Thiscould lead to sensitive information disclosure.

7.4CVSS5.2AI score0.00093EPSS