Access Manager@* Security Vulnerabilities and Issues — Access Manager@* CVE List

Lucene search

NetiqAccess Manager*

4 matches found

CVE•added 2018/03/01 8:29 p.m.•46 views

CVE-2017-14799

A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page.

6.1CVSS5.3AI score0.00182EPSS

CVE•added 2018/03/02 8:29 p.m.•41 views

CVE-2017-14801

Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter.

6.1CVSS5.2AI score0.00182EPSS

CVE•added 2018/03/01 8:29 p.m.•39 views

CVE-2017-14800

A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.

6.1CVSS5.9AI score0.00199EPSS

CVE•added 2018/03/02 8:29 p.m.•35 views

CVE-2017-9276

Novell Access Manager iManager before 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.

6.1CVSS5.8AI score0.00202EPSS