Novell Identity Manager vulnerabilities
3 known vulnerabilities affecting novell/identity_manager.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2016-1598MEDIUMCVSS 5.4v4.52016-10-27
CVE-2016-1598 [MEDIUM] CWE-79 CVE-2016-1598: XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their userna
XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
nvd
CVE-2010-3264LOWCVSS 2.1v3.6.12010-09-08
CVE-2010-3264 [LOW] CWE-255 CVE-2010-3264: The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tm
The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.
nvd
CVE-2007-6625MEDIUMCVSS 5.0v3.5.12008-01-04
CVE-2007-6625 [MEDIUM] CWE-134 CVE-2007-6625: The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manag
The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan.
nvd