Imanager
by Novell
CVEs (33)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-3968 | 0.00 | — | 0.01 | May 15, 2024 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task. | |||
| CVE-2024-3970 | 0.00 | — | 0.01 | May 15, 2024 | Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal. | |||
| CVE-2022-38758 | 0.00 | — | 0.00 | Jan 25, 2023 | Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL. | |||
| CVE-2018-17949 | 0.00 | — | 0.01 | Dec 12, 2018 | Cross site scripting vulnerability in iManager prior to 3.1 SP2. | |||
| CVE-2013-3268 | 0.00 | — | 0.02 | Apr 24, 2013 | Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. | |||
| CVE-2013-1088 | 0.00 | — | 0.01 | Apr 24, 2013 | Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container. | |||
| CVE-2011-4188 | 0.00 | — | 0.02 | Apr 9, 2012 | Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related… | |||
| CVE-2009-4486 | 0.00 | — | 0.04 | Jan 8, 2010 | Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | |||
| CVE-2008-3488 | 0.00 | — | 0.01 | Aug 6, 2008 | Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors. | |||
| CVE-2006-4517 | 0.00 | — | 0.03 | Nov 1, 2006 | Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. | |||
| CVE-2005-1730 | 0.00 | — | 0.05 | Dec 31, 2005 | Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap… | |||
| CVE-2002-1283 | 0.00 | — | 0.02 | Nov 29, 2002 | Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute. | |||
| CVE-2002-1002 | 0.00 | — | 0.02 | Oct 4, 2002 | Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name. |
- CVE-2024-3968May 15, 2024risk 0.00cvss —epss 0.01
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.
- CVE-2024-3970May 15, 2024risk 0.00cvss —epss 0.01
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.
- CVE-2022-38758Jan 25, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
- CVE-2018-17949Dec 12, 2018risk 0.00cvss —epss 0.01
Cross site scripting vulnerability in iManager prior to 3.1 SP2.
- CVE-2013-3268Apr 24, 2013risk 0.00cvss —epss 0.02
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
- CVE-2013-1088Apr 24, 2013risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
- CVE-2011-4188Apr 9, 2012risk 0.00cvss —epss 0.02
Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related…
- CVE-2009-4486Jan 8, 2010risk 0.00cvss —epss 0.04
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema.
- CVE-2008-3488Aug 6, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors.
- CVE-2006-4517Nov 1, 2006risk 0.00cvss —epss 0.03
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference.
- CVE-2005-1730Dec 31, 2005risk 0.00cvss —epss 0.05
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap…
- CVE-2002-1283Nov 29, 2002risk 0.00cvss —epss 0.02
Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute.
- CVE-2002-1002Oct 4, 2002risk 0.00cvss —epss 0.02
Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.
Page 2 of 2