NetIQ IManager Security Vulnerabilities
Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on...
7.2CVSS
6AI Score
0.001EPSS
6.1CVSS
6AI Score
0.001EPSS
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and...
7.6CVSS
6AI Score
0.001EPSS
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in...
6.1CVSS
6AI Score
0.003EPSS
NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with...
5.3CVSS
5.3AI Score
0.002EPSS
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload...
9.8CVSS
9.4AI Score
0.004EPSS
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object...
8.8CVSS
8.6AI Score
0.002EPSS
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications...
7.5CVSS
7.5AI Score
0.008EPSS
iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication...
9.8CVSS
9.6AI Score
0.006EPSS
The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote...
8.8CVSS
8.8AI Score
0.004EPSS