Identity Manager Security Vulnerabilities and Issues — Identity Manager CVE List

Lucene search

NetiqIdentity Manager

5 matches found

CVE•added 2018/03/02 8:29 p.m.•38 views

CVE-2017-9280

Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.

7.5CVSS5.8AI score0.00215EPSS

CVE•added 2018/04/26 3:29 p.m.•32 views

CVE-2017-9284

IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information.

7.5CVSS6.1AI score0.00289EPSS

CVE•added 2018/03/26 7:29 p.m.•31 views

CVE-2018-7673

The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.

7.5CVSS6.2AI score0.00165EPSS

CVE•added 2006/09/14 10:7 p.m.•29 views

CVE-2006-4803

The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."

7.2CVSS7.6AI score0.00097EPSS

CVE•added 2018/03/26 7:29 p.m.•29 views

CVE-2018-1348

NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.

7.4CVSS6.1AI score0.00207EPSS