Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities found for Identity Manager Plug-ins by NetIQ

    CVE-2017-7426 (GCVE-0-2017-7426)

    Vulnerability from cvelistv5 – Published: 2018-03-01 19:00 – Updated: 2024-09-17 03:07
    VLAI
    Title
    iManager - XML External Entity vulnerabilities
    Summary
    The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
    CWE
    • External XML Entity attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Plug-ins Affected: unspecified , < 4.6.1 (custom)
    Create a notification for this product.
    Date Public
    2017-08-03 00:00
    Credits
    Pawel.Batunek@ingservicespolska.pl
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:04:11.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager Plug-ins",
              "vendor": "NetIQ",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pawel.Batunek@ingservicespolska.pl"
            }
          ],
          "datePublic": "2017-08-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "External XML Entity attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:59.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
            }
          ],
          "source": {
            "advisory": "7021173",
            "discovery": "EXTERNAL"
          },
          "title": "iManager - XML External Entity vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2017-08-03T00:00:00.000Z",
              "ID": "CVE-2017-7426",
              "STATE": "PUBLIC",
              "TITLE": "iManager - XML External Entity vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager Plug-ins",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pawel.Batunek@ingservicespolska.pl"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "External XML Entity attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.novell.com/support/kb/doc.php?id=7021173",
                  "refsource": "CONFIRM",
                  "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
                }
              ]
            },
            "source": {
              "advisory": "7021173",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2017-7426",
        "datePublished": "2018-03-01T19:00:00.000Z",
        "dateReserved": "2017-04-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-7426 (GCVE-0-2017-7426)

    Vulnerability from nvd – Published: 2018-03-01 19:00 – Updated: 2024-09-17 03:07
    VLAI
    Title
    iManager - XML External Entity vulnerabilities
    Summary
    The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
    CWE
    • External XML Entity attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Plug-ins Affected: unspecified , < 4.6.1 (custom)
    Create a notification for this product.
    Date Public
    2017-08-03 00:00
    Credits
    Pawel.Batunek@ingservicespolska.pl
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:04:11.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager Plug-ins",
              "vendor": "NetIQ",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pawel.Batunek@ingservicespolska.pl"
            }
          ],
          "datePublic": "2017-08-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "External XML Entity attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:59.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
            }
          ],
          "source": {
            "advisory": "7021173",
            "discovery": "EXTERNAL"
          },
          "title": "iManager - XML External Entity vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2017-08-03T00:00:00.000Z",
              "ID": "CVE-2017-7426",
              "STATE": "PUBLIC",
              "TITLE": "iManager - XML External Entity vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager Plug-ins",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pawel.Batunek@ingservicespolska.pl"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "External XML Entity attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.novell.com/support/kb/doc.php?id=7021173",
                  "refsource": "CONFIRM",
                  "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
                }
              ]
            },
            "source": {
              "advisory": "7021173",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2017-7426",
        "datePublished": "2018-03-01T19:00:00.000Z",
        "dateReserved": "2017-04-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }