Identity Manager
Sign in to watchby Netiq
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0787 | Med | 0.40 | 6.1 | 0.00 | Oct 27, 2016 | XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. | |
| CVE-2014-4509 | 0.00 | — | 0.00 | Jun 21, 2014 | The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | ||
| CVE-2007-4526 | 0.00 | — | 0.00 | Aug 25, 2007 | The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | ||
| CVE-2006-4803 | 0.00 | — | 0.00 | Sep 14, 2006 | The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | ||
| CVE-2006-4506 | 0.00 | — | 0.00 | Aug 31, 2006 | idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. |