Netiq Access Manager (nam)
by Microfocus
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7678 | Low | 0.23 | 3.5 | 0.01 | Mar 14, 2018 | A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | ||
| CVE-2018-7677 | Low | 0.23 | 3.5 | 0.01 | Mar 14, 2018 | A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | ||
| CVE-2024-4554 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1. | |||
| CVE-2024-4555 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | |||
| CVE-2024-4556 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | |||
| CVE-2021-22531 | 0.00 | — | 0.01 | May 12, 2022 | A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0 | |||
| CVE-2022-26326 | 0.00 | — | 0.00 | May 2, 2022 | Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 | |||
| CVE-2022-26325 | 0.00 | — | 0.00 | May 2, 2022 | Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 | |||
| CVE-2021-22526 | 0.00 | — | 0.00 | Sep 13, 2021 | Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||
| CVE-2021-22524 | 0.00 | — | 0.01 | Sep 13, 2021 | Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||
| CVE-2021-22527 | 0.00 | — | 0.01 | Sep 13, 2021 | Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||
| CVE-2021-22528 | 0.00 | — | 0.01 | Sep 13, 2021 | Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||
| CVE-2021-22525 | 0.00 | — | 0.00 | Sep 2, 2021 | This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | |||
| CVE-2018-19645 | 0.00 | — | 0.01 | Feb 12, 2019 | An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||
| CVE-2018-12480 | 0.00 | — | 0.01 | Nov 15, 2018 | Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. |
- risk 0.23cvss 3.5epss 0.01
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4.
- risk 0.23cvss 3.5epss 0.01
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
- CVE-2024-4554Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1.
- CVE-2024-4555Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
- CVE-2024-4556Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.
- CVE-2021-22531May 12, 2022risk 0.00cvss —epss 0.01
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
- CVE-2022-26326May 2, 2022risk 0.00cvss —epss 0.00
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
- CVE-2022-26325May 2, 2022risk 0.00cvss —epss 0.00
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2
- CVE-2021-22526Sep 13, 2021risk 0.00cvss —epss 0.00
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
- CVE-2021-22524Sep 13, 2021risk 0.00cvss —epss 0.01
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
- CVE-2021-22527Sep 13, 2021risk 0.00cvss —epss 0.01
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
- CVE-2021-22528Sep 13, 2021risk 0.00cvss —epss 0.01
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
- CVE-2021-22525Sep 2, 2021risk 0.00cvss —epss 0.00
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
- CVE-2018-19645Feb 12, 2019risk 0.00cvss —epss 0.01
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
- CVE-2018-12480Nov 15, 2018risk 0.00cvss —epss 0.01
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.