Skip to main content

Imanager

24 CVEs product

Monthly

CVE-2024-4429 HIGH This Week

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure CSRF Imanager
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-3969 CRITICAL Act Now

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XXE Imanager
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-3970 HIGH This Week

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Path Traversal Information Disclosure Imanager
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-3968 CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Imanager
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-3967 CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Java Imanager
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-3488 CRITICAL Act Now

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Imanager
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-3487 CRITICAL Act Now

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Imanager
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-3486 CRITICAL Act Now

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure XXE Imanager
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-3485 HIGH This Week

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Information Disclosure Imanager
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-3484 CRITICAL Act Now

Path Traversal found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal Imanager
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-3483 CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Command Injection Imanager
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2018-17949 MEDIUM This Month

Cross site scripting vulnerability in iManager prior to 3.1 SP2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-12462 MEDIUM This Month

NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-1347 MEDIUM This Month

The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-1345 HIGH This Week

NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-1344 HIGH This Week

Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
CVSS 3.0
8.6
EPSS
0.9%
CVE-2017-7425 HIGH This Week

Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2. Rated high severity (CVSS 7.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Imanager
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-7432 CRITICAL Act Now

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2017-7431 HIGH This Week

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Imanager
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-7430 MEDIUM This Month

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2017-7428 MEDIUM This Month

NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Information Disclosure Imanager
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-5186 HIGH This Week

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edirectory Imanager
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2013-3268 CRITICAL Act Now

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Imanager
NVD
CVSS 2.0
10.0
EPSS
0.2%
CVE-2013-1088 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Apache Tomcat Imanager
NVD
CVSS 2.0
6.8
EPSS
0.3%
EPSS 0% CVSS 7.4
HIGH This Week

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure CSRF Imanager
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XXE Imanager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Path Traversal Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Imanager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Java +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Imanager
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Imanager
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure XXE +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Information Disclosure Imanager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Path Traversal found in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal Imanager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Command Injection Imanager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross site scripting vulnerability in iManager prior to 3.1 SP2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2. Rated high severity (CVSS 7.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Imanager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Imanager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imanager
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Information Disclosure Imanager
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edirectory Imanager
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Imanager
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Apache Tomcat +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy