Search criteria
3 vulnerabilities found for self_service_password_reset by netiq
FKIE_CVE-2019-11648
Vulnerability from fkie_nvd - Published: 2019-06-24 16:15 - Updated: 2024-11-21 04:21
Severity ?
Summary
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netiq | self_service_password_reset | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:self_service_password_reset:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC075F83-D1EC-4F4C-AA65-45A1F04B9E54",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information."
},
{
"lang": "es",
"value": "Existe un filtrado de informaci\u00f3n en todas las versiones anteriores a la versi\u00f3n 4.4 de Self Service Password Reset Software de Micro Focus NetIQ. La vulnerabilidad podr\u00eda ser explotada para exponer informaci\u00f3n sensible."
}
],
"id": "CVE-2019-11648",
"lastModified": "2024-11-21T04:21:31.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-24T16:15:14.947",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-11648 (GCVE-0-2019-11648)
Vulnerability from cvelistv5 – Published: 2019-06-24 15:40 – Updated: 2024-08-04 23:03
VLAI?
Summary
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
Severity ?
No CVSS data available.
CWE
- Information leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus NetIQ Self Service Password Reset. |
Affected:
All versions prior to version 4.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus NetIQ Self Service Password Reset.",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 4.4"
}
]
}
],
"datePublic": "2019-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:05",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus NetIQ Self Service Password Reset.",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 4.4"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11648",
"datePublished": "2019-06-24T15:40:28",
"dateReserved": "2019-05-01T00:00:00",
"dateUpdated": "2024-08-04T23:03:31.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11648 (GCVE-0-2019-11648)
Vulnerability from nvd – Published: 2019-06-24 15:40 – Updated: 2024-08-04 23:03
VLAI?
Summary
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
Severity ?
No CVSS data available.
CWE
- Information leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus NetIQ Self Service Password Reset. |
Affected:
All versions prior to version 4.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus NetIQ Self Service Password Reset.",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 4.4"
}
]
}
],
"datePublic": "2019-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:05",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus NetIQ Self Service Password Reset.",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 4.4"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11648",
"datePublished": "2019-06-24T15:40:28",
"dateReserved": "2019-05-01T00:00:00",
"dateUpdated": "2024-08-04T23:03:31.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}