Vulnerabilities > Microfocus > Edirectory > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2021-22532 Allocation of Resources Without Limits or Throttling vulnerability in Microfocus Edirectory
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
network
low complexity
microfocus CWE-770
7.5
7.5
2018-12-12 CVE-2018-17950 Incorrect Authorization vulnerability in Microfocus Edirectory
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
network
low complexity
microfocus CWE-863
7.5
7.5
2018-08-09 CVE-2018-7686 Information Exposure vulnerability in Microfocus Edirectory
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
network
low complexity
microfocus CWE-200
7.5
7.5
2018-03-02 CVE-2017-7429 Improper Certificate Validation vulnerability in multiple products
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
network
low complexity
netiq microfocus CWE-295
8.8
8.8