Edirectory Security Vulnerabilities and Issues — Edirectory CVE List

Lucene search

NetiqEdirectory

5 matches found

CVE•added 2017/04/27 2:59 p.m.•48 views

CVE-2017-5186

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

7.5CVSS7.5AI score0.00468EPSS

CVE•added 2018/03/02 8:29 p.m.•35 views

CVE-2017-7429

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

8.8CVSS8.8AI score0.00205EPSS

CVE•added 2018/03/02 8:29 p.m.•34 views

CVE-2017-9285

NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.

9.8CVSS7.4AI score0.0022EPSS

CVE•added 2018/07/10 6:29 p.m.•34 views

CVE-2018-12461

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.

7.5CVSS5.6AI score0.00095EPSS

CVE•added 2018/03/21 2:29 p.m.•28 views

CVE-2018-1346

Addresses denial of service attack to eDirectory versions prior to 9.1.

7.5CVSS5.5AI score0.00334EPSS