Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Identity_manager
(Netiq)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 20 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-03-26 | CVE-2018-1349 | The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration. | Identity_manager | 5.3 | ||
| 2018-03-26 | CVE-2018-1350 | The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration. | Identity_manager | 5.3 | ||
| 2018-03-26 | CVE-2018-7673 | The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | Identity_manager | 7.5 | ||
| 2018-03-28 | CVE-2018-7674 | The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | Identity_manager | 6.1 | ||
| 2018-03-28 | CVE-2018-7676 | The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | Identity_manager | 5.9 | ||
| 2018-04-26 | CVE-2017-9284 | IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. | Identity_manager | 7.5 | ||
| 2014-06-21 | CVE-2014-4509 | The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | Identity_manager | N/A | ||
| 2007-08-24 | CVE-2007-4526 | The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | Identity_manager, Client_login_extension_\(Cle\) | N/A | ||
| 2006-09-14 | CVE-2006-4803 | The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | Identity_manager | N/A | ||
| 2006-08-31 | CVE-2006-4506 | idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | Identity_manager | N/A |