Micro Focus Netiq Access Manager vulnerabilities
7 known vulnerabilities affecting micro_focus/netiq_access_manager.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2017-14803P2CRITICALCVSS 9.8v4.3v4.42018-01-20
CVE-2017-14803 [CRITICAL] CVE-2017-14803: In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO conn
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
nvd
CVE-2021-22527P3HIGHCVSS 7.5≥ NetIQ Access Manager, < 5.0.12021-09-13
CVE-2021-22527 [HIGH] CWE-200 CVE-2021-22527: Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
nvd
CVE-2022-26326P4MEDIUMCVSS 6.1≥ NetIQ Access Manager, < 5.0.22022-05-02
CVE-2022-26326 [MEDIUM] CWE-601 CVE-2022-26326: Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Mana
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
nvd
CVE-2021-22526P4MEDIUMCVSS 6.1≥ NetIQ Access Manager, < 5.0.12021-09-13
CVE-2021-22526 [MEDIUM] CWE-601 CVE-2021-22526: Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
nvd
CVE-2021-22528P4MEDIUMCVSS 5.4≥ NetIQ Access Manager, < 5.0.12021-09-13
CVE-2021-22528 [MEDIUM] CWE-79 CVE-2021-22528: Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
nvd
CVE-2022-26325P4MEDIUMCVSS 6.1≥ NetIQ Access Manager, < 5.0.22022-05-02
CVE-2022-26325 [MEDIUM] CWE-79 CVE-2022-26325: Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2
nvd
CVE-2021-22524P4MEDIUMCVSS 4.9≥ NetIQ Access Manager, < 5.0.12021-09-13
CVE-2021-22524 [MEDIUM] CWE-91 CVE-2021-22524: Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 a
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
nvd