Search criteria
36 vulnerabilities found for iManager by NetIQ
FKIE_CVE-2022-38758
Vulnerability from fkie_nvd - Published: 2023-01-26 21:15 - Updated: 2024-11-21 07:17
Severity
7.2 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A60425E-688A-4AAA-900B-A7F58E87B230",
"versionEndExcluding": "3.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user\u0027s browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL."
},
{
"lang": "es",
"value": "Vulnerabilidad de cross site scripting (XSS) en NetIQ iManager anterior a la versi\u00f3n 3.2.6 permite a un atacante ejecutar scripts maliciosos en el navegador del usuario. Este problema afecta a: Micro Focus NetIQ iManager Versiones de NetIQ iManager anteriores a la 3.2.6 en TODOS."
}
],
"id": "CVE-2022-38758",
"lastModified": "2024-11-21T07:17:02.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 6.0,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-26T21:15:49.487",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@opentext.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-12462
Vulnerability from fkie_nvd - Published: 2018-07-10 19:29 - Updated: 2024-11-21 03:45
Severity
4.8 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5339E5-0565-478C-9D33-1A821D0A904E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
},
{
"lang": "es",
"value": "NetIQ iManager 3.1.1 aborda vulnerabilidades de Cross-Site Scripting (XSS) potenciales."
}
],
"id": "CVE-2018-12462",
"lastModified": "2024-11-21T03:45:15.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.4,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-10T19:29:00.337",
"references": [
{
"source": "security@opentext.com",
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-1345
Vulnerability from fkie_nvd - Published: 2018-03-21 14:29 - Updated: 2024-11-21 03:59
Severity
5.9 (Medium) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC39F2E6-9EE7-4FFC-9FDA-44C2E9AC42BC",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack."
},
{
"lang": "es",
"value": "NetIQ iManager, en versiones anteriores a la 3.1, podr\u00eda ser susceptible bajo ciertas circunstancias a un ataque de elevaci\u00f3n de privilegios."
}
],
"id": "CVE-2018-1345",
"lastModified": "2024-11-21T03:59:39.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 4.0,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-21T14:29:00.297",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-1344
Vulnerability from fkie_nvd - Published: 2018-03-21 14:29 - Updated: 2024-11-21 03:59
Severity
3.1 (Low) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC39F2E6-9EE7-4FFC-9FDA-44C2E9AC42BC",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1"
},
{
"lang": "es",
"value": "Se trata de un potencial ataque de degradaci\u00f3n de comunicaciones en NetIQ iManager, en versiones anteriores a la 3.1."
}
],
"id": "CVE-2018-1344",
"lastModified": "2024-11-21T03:59:39.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-21T14:29:00.250",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-1347
Vulnerability from fkie_nvd - Published: 2018-03-21 14:29 - Updated: 2024-11-21 03:59
Severity
5.3 (Medium) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC39F2E6-9EE7-4FFC-9FDA-44C2E9AC42BC",
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting."
},
{
"lang": "es",
"value": "La interfaz web administrativa en NetIQ iManager, en versiones anteriores a la 3.1, es vulnerable a Cross-Site Scripting (XSS) reflejado."
}
],
"id": "CVE-2018-1347",
"lastModified": "2024-11-21T03:59:40.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-21T14:29:00.407",
"references": [
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/103492"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/103492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-5189
Vulnerability from fkie_nvd - Published: 2018-03-02 20:29 - Updated: 2024-11-21 03:27
Severity
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netiq | imanager | 2.7 | |
| netiq | imanager | 2.7.1 | |
| netiq | imanager | 2.7.2 | |
| netiq | imanager | 2.7.3 | |
| netiq | imanager | 2.7.4 | |
| netiq | imanager | 2.7.5 | |
| netiq | imanager | 2.7.6 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7 | |
| netiq | imanager | 2.7.7.10 | |
| netiq | imanager | 2.7.7.10 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0.2 | |
| netiq | imanager | 3.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9044A0FA-BD4E-4041-B16A-0C70551C65F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94134CE0-B4A4-477B-99E7-87F34B0F2CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB1AB4D-3906-4EDA-A514-FAE007A27095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9CA1AA-A933-4BB6-81F1-B803A2D12FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "56B58611-550D-408E-8104-71ACD4A19FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1842E298-D918-433F-9681-DF4AF9849029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EB7FE-4A3A-4273-B5B5-CF6473C4D1F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p10:*:*:*:*:*:*",
"matchCriteriaId": "46A640AB-5C61-4801-9EB3-DA4FD6C43FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p11:*:*:*:*:*:*",
"matchCriteriaId": "9B6B6F6C-1CD2-4823-A224-DDFAC5FD7C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "52355F37-8540-4868-A565-E2109DA7ABA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p5:*:*:*:*:*:*",
"matchCriteriaId": "C9B213A2-2BED-4D5F-86AA-E4FE29352E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p6:*:*:*:*:*:*",
"matchCriteriaId": "B2413E8E-7B96-434D-BF9B-3C769F931157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p7:*:*:*:*:*:*",
"matchCriteriaId": "A70BA4BB-6398-46C5-9E16-4536AAD30011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p8:*:*:*:*:*:*",
"matchCriteriaId": "6644CB8E-DC8E-46F4-8EFF-CEF34EC40116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7:p9:*:*:*:*:*:*",
"matchCriteriaId": "088DA16B-2DCA-4EA5-86BC-93796D9F0E73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7.10:hf1:*:*:*:*:*:*",
"matchCriteriaId": "7447ECD4-EA24-45F9-BF0D-971D074EAB4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:2.7.7.10:hf2:*:*:*:*:*:*",
"matchCriteriaId": "91F3BCB4-6160-48DA-8CFA-88BD1FED1C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0A8EC935-B012-4F5C-AF33-3438EEA18BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D3A86186-B039-4F7F-BE13-A5C2987C63B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0C76139-7684-4E41-B8BC-5D9DC6B47ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D9AF38F2-611C-4557-8CB8-FEA46F84A779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "F68364C6-7A48-49E7-BC89-6DF5181EEF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2482872E-C1FE-4E4E-833A-A426CC4E1230",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance."
},
{
"lang": "es",
"value": "NetIQ iManager, en versiones anteriores a la 3.0.3, entregaba una clave privada SSL en una aplicaci\u00f3n Java (archivo JAR) para autenticaci\u00f3n en Sentinel, lo que permite que atacantes remotos extraigan y establezcan sus propias conexiones en la aplicaci\u00f3n de Sentinel."
}
],
"id": "CVE-2017-5189",
"lastModified": "2024-11-21T03:27:13.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-02T20:29:00.380",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "security@opentext.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7425
Vulnerability from fkie_nvd - Published: 2017-11-06 17:29 - Updated: 2026-05-13 00:24
Severity
7.6 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:*:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "32DC4B54-DDD2-4841-B235-42E0F23C6427",
"versionEndIncluding": "2.7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05BB70E3-58EA-43EC-BB10-A382A7405601",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2."
},
{
"lang": "es",
"value": "Existen m\u00faltiples problemas potenciales de XSS reflejado en NetIQ iManager en versiones anteriores a la 2.7.7 Patch 10 HF2 y 3.0.3.2."
}
],
"id": "CVE-2017-7425",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 5.5,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-06T17:29:00.387",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7430
Vulnerability from fkie_nvd - Published: 2017-05-03 05:59 - Updated: 2026-05-13 00:24
Severity
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0.1 | |
| netiq | imanager | 3.0.2 | |
| netiq | imanager | 3.0.2.1 | |
| netiq | imanager | 3.0.3 | |
| netiq | imanager | 3.0.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B982AA70-B5BA-4E56-8DBE-15EEC0A70DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3D39CE17-0383-4078-8600-C07F9E943699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF8877DA-0E30-40C7-9506-8B07A42C76A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp3:*:*:*:*:*:*",
"matchCriteriaId": "584A6436-0480-4EC8-8129-DFD3CFFF10A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C62EA146-9EFC-4CDC-96A7-E44CC0744B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "155397A8-932C-40EC-B763-AC39D5B8B736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch2:*:*:*:*:*:*",
"matchCriteriaId": "7DBD982A-EF73-403E-B486-BBECBCE606BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch3:*:*:*:*:*:*",
"matchCriteriaId": "096ADACF-B48F-4636-B141-4D680F498A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch4:*:*:*:*:*:*",
"matchCriteriaId": "724BD98B-2407-4B8D-8892-A39B965249BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp5:*:*:*:*:*:*",
"matchCriteriaId": "8F0B8EAE-210E-4AB8-9373-B8FC1216C056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp6:*:*:*:*:*:*",
"matchCriteriaId": "F265DEB1-0DA8-41B4-8F83-617C64C42BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7:*:*:*:*:*:*",
"matchCriteriaId": "10A72CB5-EC86-431F-9DE6-861FB314434A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_1:*:*:*:*:*:*",
"matchCriteriaId": "F62A4826-99FB-4255-960E-74FC427A92B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_10:*:*:*:*:*:*",
"matchCriteriaId": "EDD11B88-EB75-48DE-BB17-7B57ABE85973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "86B6883E-4A18-4AFD-9B3A-F994F7EB6DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_3:*:*:*:*:*:*",
"matchCriteriaId": "141E6087-B64F-46E1-A2AF-D7E78D55D3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_4:*:*:*:*:*:*",
"matchCriteriaId": "274A55F9-1143-43C4-9A9A-346FFDF37910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_5:*:*:*:*:*:*",
"matchCriteriaId": "0024EE9F-22EB-4506-B31C-5A96EF3856F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_6:*:*:*:*:*:*",
"matchCriteriaId": "539F5CF0-CE59-4771-8A22-A8CC8374ECEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_7:*:*:*:*:*:*",
"matchCriteriaId": "33EA7239-B6FF-494D-8F93-2612A15C1DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_8:*:*:*:*:*:*",
"matchCriteriaId": "1C4392D2-CE7F-4788-90F9-9AD636FC49E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_9:*:*:*:*:*:*",
"matchCriteriaId": "E641A85F-2B46-420B-AF9E-AD22D8BD348B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B44FED3-A5D0-4F0D-AD4F-329152057627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A555C67-FE51-414D-B93A-42DEC732EAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F06556-00E1-40B1-97B9-E0574DC4B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2482872E-C1FE-4E4E-833A-A426CC4E1230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB7A9D-A03D-458D-87CA-EF9440ABA86E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework."
},
{
"lang": "es",
"value": "Novell iManager en versiones 2.7.x anteriores a la 2.7 SP7 Patch 10 HF1 y NetIQ iManager versiones 3.x anteriores a la 3.0.3.1 presentan una vulnerabilidad de XSS persistente en el Framework."
}
],
"id": "CVE-2017-7430",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-03T05:59:00.267",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
},
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7431
Vulnerability from fkie_nvd - Published: 2017-05-03 05:59 - Updated: 2026-05-13 00:24
Severity
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0.1 | |
| netiq | imanager | 3.0.2 | |
| netiq | imanager | 3.0.2.1 | |
| netiq | imanager | 3.0.3 | |
| netiq | imanager | 3.0.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B982AA70-B5BA-4E56-8DBE-15EEC0A70DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3D39CE17-0383-4078-8600-C07F9E943699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF8877DA-0E30-40C7-9506-8B07A42C76A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp3:*:*:*:*:*:*",
"matchCriteriaId": "584A6436-0480-4EC8-8129-DFD3CFFF10A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C62EA146-9EFC-4CDC-96A7-E44CC0744B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "155397A8-932C-40EC-B763-AC39D5B8B736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch2:*:*:*:*:*:*",
"matchCriteriaId": "7DBD982A-EF73-403E-B486-BBECBCE606BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch3:*:*:*:*:*:*",
"matchCriteriaId": "096ADACF-B48F-4636-B141-4D680F498A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch4:*:*:*:*:*:*",
"matchCriteriaId": "724BD98B-2407-4B8D-8892-A39B965249BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp5:*:*:*:*:*:*",
"matchCriteriaId": "8F0B8EAE-210E-4AB8-9373-B8FC1216C056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp6:*:*:*:*:*:*",
"matchCriteriaId": "F265DEB1-0DA8-41B4-8F83-617C64C42BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7:*:*:*:*:*:*",
"matchCriteriaId": "10A72CB5-EC86-431F-9DE6-861FB314434A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_1:*:*:*:*:*:*",
"matchCriteriaId": "F62A4826-99FB-4255-960E-74FC427A92B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_10:*:*:*:*:*:*",
"matchCriteriaId": "EDD11B88-EB75-48DE-BB17-7B57ABE85973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "86B6883E-4A18-4AFD-9B3A-F994F7EB6DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_3:*:*:*:*:*:*",
"matchCriteriaId": "141E6087-B64F-46E1-A2AF-D7E78D55D3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_4:*:*:*:*:*:*",
"matchCriteriaId": "274A55F9-1143-43C4-9A9A-346FFDF37910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_5:*:*:*:*:*:*",
"matchCriteriaId": "0024EE9F-22EB-4506-B31C-5A96EF3856F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_6:*:*:*:*:*:*",
"matchCriteriaId": "539F5CF0-CE59-4771-8A22-A8CC8374ECEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_7:*:*:*:*:*:*",
"matchCriteriaId": "33EA7239-B6FF-494D-8F93-2612A15C1DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_8:*:*:*:*:*:*",
"matchCriteriaId": "1C4392D2-CE7F-4788-90F9-9AD636FC49E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_9:*:*:*:*:*:*",
"matchCriteriaId": "E641A85F-2B46-420B-AF9E-AD22D8BD348B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B44FED3-A5D0-4F0D-AD4F-329152057627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A555C67-FE51-414D-B93A-42DEC732EAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F06556-00E1-40B1-97B9-E0574DC4B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2482872E-C1FE-4E4E-833A-A426CC4E1230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB7A9D-A03D-458D-87CA-EF9440ABA86E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management."
},
{
"lang": "es",
"value": "Novell iManager 2.7.x antes 2.7 SP7 Patch 10 HF1 y NetIQ iManager 3.x antes 3.0.3.1 tienen un CSRF persistente en la gesti\u00f3n de objetos."
}
],
"id": "CVE-2017-7431",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-03T05:59:00.313",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7432
Vulnerability from fkie_nvd - Published: 2017-05-03 05:59 - Updated: 2026-05-13 00:24
Severity
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| novell | imanager | 2.7 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0.1 | |
| netiq | imanager | 3.0.2 | |
| netiq | imanager | 3.0.2.1 | |
| netiq | imanager | 3.0.3 | |
| netiq | imanager | 3.0.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B982AA70-B5BA-4E56-8DBE-15EEC0A70DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3D39CE17-0383-4078-8600-C07F9E943699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF8877DA-0E30-40C7-9506-8B07A42C76A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp3:*:*:*:*:*:*",
"matchCriteriaId": "584A6436-0480-4EC8-8129-DFD3CFFF10A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C62EA146-9EFC-4CDC-96A7-E44CC0744B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "155397A8-932C-40EC-B763-AC39D5B8B736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch2:*:*:*:*:*:*",
"matchCriteriaId": "7DBD982A-EF73-403E-B486-BBECBCE606BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch3:*:*:*:*:*:*",
"matchCriteriaId": "096ADACF-B48F-4636-B141-4D680F498A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp4_patch4:*:*:*:*:*:*",
"matchCriteriaId": "724BD98B-2407-4B8D-8892-A39B965249BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp5:*:*:*:*:*:*",
"matchCriteriaId": "8F0B8EAE-210E-4AB8-9373-B8FC1216C056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp6:*:*:*:*:*:*",
"matchCriteriaId": "F265DEB1-0DA8-41B4-8F83-617C64C42BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7:*:*:*:*:*:*",
"matchCriteriaId": "10A72CB5-EC86-431F-9DE6-861FB314434A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_1:*:*:*:*:*:*",
"matchCriteriaId": "F62A4826-99FB-4255-960E-74FC427A92B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_10:*:*:*:*:*:*",
"matchCriteriaId": "EDD11B88-EB75-48DE-BB17-7B57ABE85973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "86B6883E-4A18-4AFD-9B3A-F994F7EB6DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_3:*:*:*:*:*:*",
"matchCriteriaId": "141E6087-B64F-46E1-A2AF-D7E78D55D3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_4:*:*:*:*:*:*",
"matchCriteriaId": "274A55F9-1143-43C4-9A9A-346FFDF37910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_5:*:*:*:*:*:*",
"matchCriteriaId": "0024EE9F-22EB-4506-B31C-5A96EF3856F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_6:*:*:*:*:*:*",
"matchCriteriaId": "539F5CF0-CE59-4771-8A22-A8CC8374ECEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_7:*:*:*:*:*:*",
"matchCriteriaId": "33EA7239-B6FF-494D-8F93-2612A15C1DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_8:*:*:*:*:*:*",
"matchCriteriaId": "1C4392D2-CE7F-4788-90F9-9AD636FC49E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.7:sp7_patch_9:*:*:*:*:*:*",
"matchCriteriaId": "E641A85F-2B46-420B-AF9E-AD22D8BD348B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B44FED3-A5D0-4F0D-AD4F-329152057627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A555C67-FE51-414D-B93A-42DEC732EAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F06556-00E1-40B1-97B9-E0574DC4B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2482872E-C1FE-4E4E-833A-A426CC4E1230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB7A9D-A03D-458D-87CA-EF9440ABA86E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability."
},
{
"lang": "es",
"value": "Novell iManager 2.7.x antes 2.7 SP7 Patch 10 HF1 y NetIQ iManager 3.x antes 3.0.3.1 tienen una vulnerabilidad de carga de webshell."
}
],
"id": "CVE-2017-7432",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-03T05:59:00.360",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1027619"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1027619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7428
Vulnerability from fkie_nvd - Published: 2017-05-03 05:59 - Updated: 2026-05-13 00:24
Severity
Summary
NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B44FED3-A5D0-4F0D-AD4F-329152057627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A555C67-FE51-414D-B93A-42DEC732EAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F06556-00E1-40B1-97B9-E0574DC4B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2482872E-C1FE-4E4E-833A-A426CC4E1230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB7A9D-A03D-458D-87CA-EF9440ABA86E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat."
},
{
"lang": "es",
"value": "NetIQ iManager 3.x antes de 3.0.3.1 tiene un problema en la renegociaci\u00f3n de los par\u00e1metros de conexi\u00f3n con Tomcat."
}
],
"id": "CVE-2017-7428",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-03T05:59:00.203",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1029431"
},
{
"source": "security@opentext.com",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1029431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-38758 (GCVE-0-2022-38758)
Vulnerability from cvelistv5 – Published: 2023-01-25 00:00 – Updated: 2025-03-27 20:15
VLAI
Title
XSS vulnerabilities in iManager
Summary
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
Severity
7.2 (High)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | NetIQ iManager |
Affected:
NetIQ iManager , < 3.2.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T20:15:16.517246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:15:28.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"ALL"
],
"product": "NetIQ iManager",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "3.2.6",
"status": "affected",
"version": "NetIQ iManager",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks to Kajetan Rostojek for responsibly disclosing this information to us."
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user\u0027s browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-25T00:00:00.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "XSS vulnerabilities in iManager",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.2.6 or higher."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-38758",
"datePublished": "2023-01-25T00:00:00.000Z",
"dateReserved": "2022-08-25T00:00:00.000Z",
"dateUpdated": "2025-03-27T20:15:28.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12462 (GCVE-0-2018-12462)
Vulnerability from cvelistv5 – Published: 2018-07-10 19:00 – Updated: 2024-09-16 18:56
VLAI
Title
NetIQ iManager XSS vulnerabilities
Summary
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Severity
4.8 (Medium)
CWE
- NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.microfocus.com/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
Impacted products
Date Public
2018-07-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "NetIQ iManager",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-07-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NetIQ iManager XSS vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-07-02T05:00:00.000Z",
"ID": "CVE-2018-12462",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager XSS vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "NetIQ iManager",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1.1"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-12462",
"datePublished": "2018-07-10T19:00:00.000Z",
"dateReserved": "2018-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:56:13.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1347 (GCVE-0-2018-1347)
Vulnerability from cvelistv5 – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
NetIQ iManager, versions prior to 3.1, reflected XSS issue
Summary
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
Severity
5.3 (Medium)
CWE
- Reflected XSS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/103492 | vdb-entryx_refsource_BID |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "iManager prior to (3.1)",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:24.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103492"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ iManager, versions prior to 3.1, reflected XSS issue",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1347",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager, versions prior to 3.1, reflected XSS issue"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "iManager prior to (3.1)",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103492"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1347",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1345 (GCVE-0-2018-1345)
Vulnerability from cvelistv5 – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
iManager elevation of privilege
Summary
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
Severity
5.9 (Medium)
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "prior to version 3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:58.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "iManager elevation of privilege",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1345",
"STATE": "PUBLIC",
"TITLE": "iManager elevation of privilege"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "prior to version 3.1",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1345",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1344 (GCVE-0-2018-1344)
Vulnerability from cvelistv5 – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
NetIQ iManager Communication Downgrade Attack
Summary
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
Severity
CWE
- communication downgrade
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "iManager versions prior to 3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "communication downgrade",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:59.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ iManager Communication Downgrade Attack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1344",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager Communication Downgrade Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "iManager versions prior to 3.1",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "communication downgrade"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1344",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5189 (GCVE-0-2017-5189)
Vulnerability from cvelistv5 – Published: 2018-03-02 20:00 – Updated: 2024-09-17 03:59
VLAI
Title
private SSL key embedded in JAR file in iManager
Summary
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
Severity
4.3 (Medium)
CWE
- Exposure of secret credentials in user exposed data
- CWE-522
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1021637 | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
Impacted products
Date Public
2017-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.0.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exposure of secret credentials in user exposed data",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:44.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"source": {
"defect": [
"1021637"
],
"discovery": "UNKNOWN"
},
"title": "private SSL key embedded in JAR file in iManager",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2017-04-01T00:00:00.000Z",
"ID": "CVE-2017-5189",
"STATE": "PUBLIC",
"TITLE": "private SSL key embedded in JAR file in iManager"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0.3"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of secret credentials in user exposed data"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1021637",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
]
},
"source": {
"defect": [
"1021637"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-5189",
"datePublished": "2018-03-02T20:00:00.000Z",
"dateReserved": "2017-01-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:02.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7425 (GCVE-0-2017-7425)
Vulnerability from cvelistv5 – Published: 2017-11-06 17:00 – Updated: 2024-08-05 16:04
VLAI
Title
Multiple Reflected XSS in iManager
Summary
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.
Severity
7.6 (High)
CWE
- XSS
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.novell.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://www.netiq.com/documentation/imanager-3/im… | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7021423 | x_refsource_CONFIRM |
| https://www.netiq.com/documentation/imanager/iman… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NetIQ Corporation | NetIQ iManager |
Affected:
2.7.7 Patch 10 HF2
Affected: 3.0.3.2 |
Date Public
2017-11-06 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ iManager",
"vendor": "NetIQ Corporation",
"versions": [
{
"status": "affected",
"version": "2.7.7 Patch 10 HF2"
},
{
"status": "affected",
"version": "3.0.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks is given to Pawel.Batunek@ingservicespolska.pl for finding and reporting this issue as part of the responsible disclosure process.."
}
],
"datePublic": "2017-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:49.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
],
"title": "Multiple Reflected XSS in iManager",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-7425",
"STATE": "PUBLIC",
"TITLE": "Multiple Reflected XSS in iManager"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ iManager",
"version": {
"version_data": [
{
"version_value": "2.7.7 Patch 10 HF2"
},
{
"version_value": "3.0.3.2"
}
]
}
}
]
},
"vendor_name": "NetIQ Corporation"
}
]
}
},
"credit": [
"Special thanks is given to Pawel.Batunek@ingservicespolska.pl for finding and reporting this issue as part of the responsible disclosure process.."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7021423",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"name": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
]
},
"solution": "See 2.7.7.10 release notes located here: https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html \nSee 3.0.3.2 release notes located here: https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7425",
"datePublished": "2017-11-06T17:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7431 (GCVE-0-2017-7431)
Vulnerability from cvelistv5 – Published: 2017-05-03 05:13 – Updated: 2024-08-05 16:04
VLAI
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
Severity
No CVSS data available.
CWE
- CSRF
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.novell.com/show_bug.cgi?id=1024963 | x_refsource_CONFIRM |
| https://bugzilla.novell.com/show_bug.cgi?id=1030692 | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7010166 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=24FxpmqdThE~ | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 |
Affected:
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
|
Date Public
2017-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
],
"datePublic": "2017-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:27.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-7431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"version": {
"version_data": [
{
"version_value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1024963",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1030692",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"name": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7431",
"datePublished": "2017-05-03T05:13:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38758 (GCVE-0-2022-38758)
Vulnerability from nvd – Published: 2023-01-25 00:00 – Updated: 2025-03-27 20:15
VLAI
Title
XSS vulnerabilities in iManager
Summary
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.
Severity
7.2 (High)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | NetIQ iManager |
Affected:
NetIQ iManager , < 3.2.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T20:15:16.517246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:15:28.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"ALL"
],
"product": "NetIQ iManager",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "3.2.6",
"status": "affected",
"version": "NetIQ iManager",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks to Kajetan Rostojek for responsibly disclosing this information to us."
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user\u0027s browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-25T00:00:00.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"url": "https://www.netiq.com/documentation/imanager-32/imanager326_releasenotes/data/imanager326_releasenotes.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "XSS vulnerabilities in iManager",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.2.6 or higher."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-38758",
"datePublished": "2023-01-25T00:00:00.000Z",
"dateReserved": "2022-08-25T00:00:00.000Z",
"dateUpdated": "2025-03-27T20:15:28.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12462 (GCVE-0-2018-12462)
Vulnerability from nvd – Published: 2018-07-10 19:00 – Updated: 2024-09-16 18:56
VLAI
Title
NetIQ iManager XSS vulnerabilities
Summary
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Severity
4.8 (Medium)
CWE
- NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.microfocus.com/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
Impacted products
Date Public
2018-07-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "NetIQ iManager",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-07-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NetIQ iManager XSS vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-07-02T05:00:00.000Z",
"ID": "CVE-2018-12462",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager XSS vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "NetIQ iManager",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7016795"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1.1"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-12462",
"datePublished": "2018-07-10T19:00:00.000Z",
"dateReserved": "2018-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:56:13.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1347 (GCVE-0-2018-1347)
Vulnerability from nvd – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
NetIQ iManager, versions prior to 3.1, reflected XSS issue
Summary
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.
Severity
5.3 (Medium)
CWE
- Reflected XSS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/103492 | vdb-entryx_refsource_BID |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "iManager prior to (3.1)",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:24.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103492"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ iManager, versions prior to 3.1, reflected XSS issue",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1347",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager, versions prior to 3.1, reflected XSS issue"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "iManager prior to (3.1)",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
},
{
"name": "103492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103492"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1347",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1345 (GCVE-0-2018-1345)
Vulnerability from nvd – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
iManager elevation of privilege
Summary
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
Severity
5.9 (Medium)
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "prior to version 3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:58.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "iManager elevation of privilege",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1345",
"STATE": "PUBLIC",
"TITLE": "iManager elevation of privilege"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "prior to version 3.1",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1345",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1344 (GCVE-0-2018-1344)
Vulnerability from nvd – Published: 2018-03-21 14:00 – Updated: 2024-08-05 03:59
VLAI
Title
NetIQ iManager Communication Downgrade Attack
Summary
Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1
Severity
CWE
- communication downgrade
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/imanager-31/i… | x_refsource_CONFIRM |
Impacted products
Date Public
2018-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:38.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.1",
"status": "affected",
"version": "iManager versions prior to 3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "communication downgrade",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:59.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ iManager Communication Downgrade Attack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2018-1344",
"STATE": "PUBLIC",
"TITLE": "NetIQ iManager Communication Downgrade Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "iManager versions prior to 3.1",
"version_value": "3.1"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "communication downgrade"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to iManager 3.1"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-1344",
"datePublished": "2018-03-21T14:00:00.000Z",
"dateReserved": "2017-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:59:38.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5189 (GCVE-0-2017-5189)
Vulnerability from nvd – Published: 2018-03-02 20:00 – Updated: 2024-09-17 03:59
VLAI
Title
private SSL key embedded in JAR file in iManager
Summary
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
Severity
4.3 (Medium)
CWE
- Exposure of secret credentials in user exposed data
- CWE-522
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1021637 | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
Impacted products
Date Public
2017-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iManager",
"vendor": "NetIQ",
"versions": [
{
"lessThan": "3.0.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exposure of secret credentials in user exposed data",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:44.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
],
"source": {
"defect": [
"1021637"
],
"discovery": "UNKNOWN"
},
"title": "private SSL key embedded in JAR file in iManager",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2017-04-01T00:00:00.000Z",
"ID": "CVE-2017-5189",
"STATE": "PUBLIC",
"TITLE": "private SSL key embedded in JAR file in iManager"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iManager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0.3"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of secret credentials in user exposed data"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1021637",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1021637"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}
]
},
"source": {
"defect": [
"1021637"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-5189",
"datePublished": "2018-03-02T20:00:00.000Z",
"dateReserved": "2017-01-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:02.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7425 (GCVE-0-2017-7425)
Vulnerability from nvd – Published: 2017-11-06 17:00 – Updated: 2024-08-05 16:04
VLAI
Title
Multiple Reflected XSS in iManager
Summary
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.
Severity
7.6 (High)
CWE
- XSS
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.novell.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://www.netiq.com/documentation/imanager-3/im… | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7021423 | x_refsource_CONFIRM |
| https://www.netiq.com/documentation/imanager/iman… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NetIQ Corporation | NetIQ iManager |
Affected:
2.7.7 Patch 10 HF2
Affected: 3.0.3.2 |
Date Public
2017-11-06 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ iManager",
"vendor": "NetIQ Corporation",
"versions": [
{
"status": "affected",
"version": "2.7.7 Patch 10 HF2"
},
{
"status": "affected",
"version": "3.0.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks is given to Pawel.Batunek@ingservicespolska.pl for finding and reporting this issue as part of the responsible disclosure process.."
}
],
"datePublic": "2017-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:49.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
],
"title": "Multiple Reflected XSS in iManager",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-7425",
"STATE": "PUBLIC",
"TITLE": "Multiple Reflected XSS in iManager"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ iManager",
"version": {
"version_data": [
{
"version_value": "2.7.7 Patch 10 HF2"
},
{
"version_value": "3.0.3.2"
}
]
}
}
]
},
"vendor_name": "NetIQ Corporation"
}
]
}
},
"credit": [
"Special thanks is given to Pawel.Batunek@ingservicespolska.pl for finding and reporting this issue as part of the responsible disclosure process.."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7021423",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7021423"
},
{
"name": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html"
}
]
},
"solution": "See 2.7.7.10 release notes located here: https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html \nSee 3.0.3.2 release notes located here: https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7425",
"datePublished": "2017-11-06T17:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7432 (GCVE-0-2017-7432)
Vulnerability from nvd – Published: 2017-05-03 05:13 – Updated: 2024-08-05 16:04
VLAI
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.
Severity
No CVSS data available.
CWE
- webshell upload
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.novell.com/show_bug.cgi?id=1027619 | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7010166 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=24FxpmqdThE~ | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 |
Affected:
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
|
Date Public
2017-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1027619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
],
"datePublic": "2017-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "webshell upload",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:37.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1027619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-7432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"version": {
"version_data": [
{
"version_value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "webshell upload"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1027619",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1027619"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"name": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7432",
"datePublished": "2017-05-03T05:13:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7431 (GCVE-0-2017-7431)
Vulnerability from nvd – Published: 2017-05-03 05:13 – Updated: 2024-08-05 16:04
VLAI
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
Severity
No CVSS data available.
CWE
- CSRF
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.novell.com/show_bug.cgi?id=1024963 | x_refsource_CONFIRM |
| https://bugzilla.novell.com/show_bug.cgi?id=1030692 | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7010166 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=24FxpmqdThE~ | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 |
Affected:
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
|
Date Public
2017-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
],
"datePublic": "2017-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:27.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-7431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"version": {
"version_data": [
{
"version_value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1024963",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024963"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1030692",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030692"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"name": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7431",
"datePublished": "2017-05-03T05:13:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7430 (GCVE-0-2017-7430)
Vulnerability from nvd – Published: 2017-05-03 05:13 – Updated: 2024-08-05 16:04
VLAI
Summary
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.
Severity
No CVSS data available.
CWE
- XSS
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.novell.com/show_bug.cgi?id=1024959 | x_refsource_CONFIRM |
| https://www.novell.com/support/kb/doc.php?id=7010166 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=24FxpmqdThE~ | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://bugzilla.novell.com/show_bug.cgi?id=1030691 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 |
Affected:
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
|
Date Public
2017-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
],
"datePublic": "2017-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:35.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2017-7430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"version": {
"version_data": [
{
"version_value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1024959",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"name": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1030691",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
},
{
"name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7430",
"datePublished": "2017-05-03T05:13:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7428 (GCVE-0-2017-7428)
Vulnerability from nvd – Published: 2017-05-03 05:13 – Updated: 2024-08-05 16:04
VLAI
Summary
NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
Severity
No CVSS data available.
CWE
- renegotiation
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugzilla.novell.com/show_bug.cgi?id=1029431 | x_refsource_CONFIRM |
| https://www.netiq.com/support/kb/doc.php?id=7016795 | x_refsource_CONFIRM |
| https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | NetIQ iManager 3.x before 3.0.3.1 |
Affected:
NetIQ iManager 3.x before 3.0.3.1
|
Date Public
2017-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1029431"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ iManager 3.x before 3.0.3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NetIQ iManager 3.x before 3.0.3.1"
}
]
}
],
"datePublic": "2017-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "renegotiation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:35.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1029431"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2017-7428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ iManager 3.x before 3.0.3.1",
"version": {
"version_data": [
{
"version_value": "NetIQ iManager 3.x before 3.0.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "renegotiation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1029431",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1029431"
},
{
"name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource": "CONFIRM",
"url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-7428",
"datePublished": "2017-05-03T05:13:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}