Identity Manager Security Vulnerabilities and Issues — Identity Manager CVE List

Lucene search

NetiqIdentity Manager

4 matches found

CVE•added 2018/03/05 4:29 p.m.•38 views

CVE-2017-7427

Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the Object Selector, v...

6.1CVSS6.1AI score0.00202EPSS

CVE•added 2018/03/28 2:29 p.m.•36 views

CVE-2018-7674

The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.

6.1CVSS4.9AI score0.002EPSS

CVE•added 2016/10/27 8:59 p.m.•33 views

CVE-2015-0787

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.

6.1CVSS6.1AI score0.00233EPSS

CVE•added 2016/10/27 8:59 p.m.•27 views

CVE-2016-1592

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.

6.1CVSS6.1AI score0.00233EPSS