Search criteria
9 vulnerabilities found for identity_manager by microfocus
FKIE_CVE-2020-25839
Vulnerability from fkie_nvd - Published: 2020-11-20 16:15 - Updated: 2024-11-21 05:18
Severity ?
Summary
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | identity_manager | 4.8 | |
| microfocus | identity_manager | 4.8 | |
| microfocus | identity_manager | 4.8 | |
| microfocus | identity_manager | 4.8 | |
| microfocus | identity_manager | 4.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "6E38FF3B-6362-41F6-B146-325DFA469682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8:hf1:*:*:*:*:*:*",
"matchCriteriaId": "15D47EC4-9539-4E8B-BBF2-5BA0CEBE2067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "04FA4595-19FA-440A-9021-BB3C6710A9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8:sp1_hf1:*:*:*:*:*:*",
"matchCriteriaId": "C137C4AC-7BB1-48D1-93FB-548628FD33DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A69B4FD2-D6F8-45CD-A516-F7307B404BC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
},
{
"lang": "es",
"value": "NetIQ Identity Manager versiones 4.8 anteriores a 4.8 SP2 HF1, est\u00e1 afectado por una vulnerabilidad de inyecci\u00f3n.\u0026#xa0;Esta vulnerabilidad es corregida en NetIQ IdM versi\u00f3n 4.8 SP2 HF1"
}
],
"id": "CVE-2020-25839",
"lastModified": "2024-11-21T05:18:52.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-20T16:15:15.683",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11849
Vulnerability from fkie_nvd - Published: 2020-07-08 14:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | identity_manager | * | |
| microfocus | identity_manager | 4.7.4 | |
| microfocus | identity_manager | 4.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3573217C-CFC5-4182-A155-A7AE7BC32D90",
"versionEndExcluding": "4.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DE9224-3E08-4106-BC98-B3D55A1534EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B47A735B-9D09-4B3D-AAED-622CD28A0CD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
},
{
"lang": "es",
"value": "Una elevaci\u00f3n de privilegios y/o vulnerabilidad de acceso no autorizado en Micro Focus Identity Manager. Afecta las versiones anteriores a 4.7.3 y 4.8.1 hotfix 1. La vulnerabilidad podr\u00eda permitir una exposici\u00f3n de informaci\u00f3n que puede resultar en una elevaci\u00f3n de privilegios o un acceso no autorizado"
}
],
"id": "CVE-2020-11849",
"lastModified": "2024-11-21T04:58:45.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-08T14:15:10.320",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1600
Vulnerability from fkie_nvd - Published: 2019-05-09 21:29 - Updated: 2024-11-21 02:46
Severity ?
Summary
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | identity_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:identity_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8823ECCF-2726-47E6-85B5-007D1750F479",
"versionEndExcluding": "4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
},
{
"lang": "es",
"value": "El controlador ServiceNow en las versiones del Gestor de identidades NetIQ anteriores a la 4.6 es susceptible a una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2016-1600",
"lastModified": "2024-11-21T02:46:42.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-09T21:29:00.250",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-25839 (GCVE-0-2020-25839)
Vulnerability from cvelistv5 – Published: 2020-11-20 15:24 – Updated: 2024-08-04 15:40
VLAI?
Summary
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
Severity ?
No CVSS data available.
CWE
- Injection attack
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NetIQ Identity Manager |
Affected:
All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:37.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Identity Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Injection attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-25839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Identity Manager",
"version": {
"version_data": [
{
"version_value": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Injection attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-25839",
"datePublished": "2020-11-20T15:24:20",
"dateReserved": "2020-09-23T00:00:00",
"dateUpdated": "2024-08-04T15:40:37.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11849 (GCVE-0-2020-11849)
Vulnerability from cvelistv5 – Published: 2020-07-08 13:30 – Updated: 2024-09-17 01:30
VLAI?
Title
Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
Summary
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege and/or unauthorized access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Fosus | Identity Manager |
Affected:
unspecified , ≤ 4.7.3
(custom)
Affected: unspecified , ≤ 4.8.1 (custom) |
Credits
Mark van Reijn, of IDFocus.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:41:59.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Identity Manager",
"vendor": "Micro Fosus",
"versions": [
{
"lessThanOrEqual": "4.7.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mark van Reijn, of IDFocus."
}
],
"datePublic": "2020-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
],
"exploits": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege and/or unauthorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"solutions": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2020-07-07T20:00:00.000Z",
"ID": "CVE-2020-11849",
"STATE": "PUBLIC",
"TITLE": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.7.3"
},
{
"version_affected": "\u003c=",
"version_value": "4.8.1"
}
]
}
}
]
},
"vendor_name": "Micro Fosus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mark van Reijn, of IDFocus."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11849",
"datePublished": "2020-07-08T13:30:36.737561Z",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-09-17T01:30:32.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1600 (GCVE-0-2016-1600)
Vulnerability from cvelistv5 – Published: 2019-05-09 20:33 – Updated: 2024-08-05 23:02
VLAI?
Summary
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ | Identity Manager |
Affected:
Versions prior to version 4.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:11.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Identity Manager",
"vendor": "NetIQ",
"versions": [
{
"status": "affected",
"version": "Versions prior to version 4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:46",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-1600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_value": "Versions prior to version 4.6"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-1600",
"datePublished": "2019-05-09T20:33:45",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:11.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25839 (GCVE-0-2020-25839)
Vulnerability from nvd – Published: 2020-11-20 15:24 – Updated: 2024-08-04 15:40
VLAI?
Summary
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
Severity ?
No CVSS data available.
CWE
- Injection attack
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NetIQ Identity Manager |
Affected:
All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:37.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Identity Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Injection attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-25839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Identity Manager",
"version": {
"version_data": [
{
"version_value": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Injection attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-25839",
"datePublished": "2020-11-20T15:24:20",
"dateReserved": "2020-09-23T00:00:00",
"dateUpdated": "2024-08-04T15:40:37.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11849 (GCVE-0-2020-11849)
Vulnerability from nvd – Published: 2020-07-08 13:30 – Updated: 2024-09-17 01:30
VLAI?
Title
Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
Summary
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege and/or unauthorized access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Fosus | Identity Manager |
Affected:
unspecified , ≤ 4.7.3
(custom)
Affected: unspecified , ≤ 4.8.1 (custom) |
Credits
Mark van Reijn, of IDFocus.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:41:59.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Identity Manager",
"vendor": "Micro Fosus",
"versions": [
{
"lessThanOrEqual": "4.7.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mark van Reijn, of IDFocus."
}
],
"datePublic": "2020-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
],
"exploits": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege and/or unauthorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"solutions": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2020-07-07T20:00:00.000Z",
"ID": "CVE-2020-11849",
"STATE": "PUBLIC",
"TITLE": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.7.3"
},
{
"version_affected": "\u003c=",
"version_value": "4.8.1"
}
]
}
}
]
},
"vendor_name": "Micro Fosus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mark van Reijn, of IDFocus."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11849",
"datePublished": "2020-07-08T13:30:36.737561Z",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-09-17T01:30:32.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1600 (GCVE-0-2016-1600)
Vulnerability from nvd – Published: 2019-05-09 20:33 – Updated: 2024-08-05 23:02
VLAI?
Summary
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ | Identity Manager |
Affected:
Versions prior to version 4.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:11.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Identity Manager",
"vendor": "NetIQ",
"versions": [
{
"status": "affected",
"version": "Versions prior to version 4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:46",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-1600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_value": "Versions prior to version 4.6"
}
]
}
}
]
},
"vendor_name": "NetIQ"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-1600",
"datePublished": "2019-05-09T20:33:45",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:11.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}