Edirectory Security Vulnerabilities and Issues — Edirectory CVE List

Lucene search

NovellEdirectory

4 matches found

CVE•added 2017/04/27 2:59 p.m.•48 views

CVE-2017-5186

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

7.5CVSS7.5AI score0.00468EPSS

CVE•added 2017/03/23 6:59 a.m.•45 views

CVE-2016-9167

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.

7.5CVSS7.7AI score0.00499EPSS

CVE•added 2017/03/23 6:59 a.m.•44 views

CVE-2016-9168

A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking.

6.5CVSS6.6AI score0.00565EPSS

CVE•added 2017/03/23 6:59 a.m.•36 views

CVE-2016-5747

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.

7.5CVSS7.5AI score0.00327EPSS