Vulnerabilities > Netiq > Identity Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-26329 | Exposure of Resource to Wrong Sphere vulnerability in Netiq Identity Manager File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. | 5.3 |
| 2018-04-26 | CVE-2017-9284 | Information Exposure vulnerability in Netiq Identity Manager 4.6/4.6.1/4.6.2 IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. | 7.5 |
| 2018-03-28 | CVE-2018-7676 | Information Exposure vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | 5.9 |
| 2018-03-28 | CVE-2018-7674 | Open Redirect vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | 6.1 |
| 2018-03-26 | CVE-2018-7673 | Unspecified vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | 7.5 |
| 2018-03-26 | CVE-2018-1350 | Information Exposure Through Log Files vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration. | 5.3 |
| 2018-03-26 | CVE-2018-1349 | Information Exposure Through Log Files vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration. | 5.3 |
| 2018-03-26 | CVE-2018-1348 | Unspecified vulnerability in Netiq Identity Manager 4.5 NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack. | 7.4 |
| 2018-03-05 | CVE-2017-7427 | Cross-site Scripting vulnerability in Netiq Identity Manager 4.5/4.6 Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. | 6.1 |
| 2018-03-02 | CVE-2017-9280 | Information Exposure vulnerability in Netiq Identity Manager 4.5 Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar. | 7.5 |