Vulnerabilities > Netiq > Privileged Account Manager

DATE CVE VULNERABILITY TITLE RISK
2018-03-06 CVE-2018-1343 Improper Authentication vulnerability in Netiq Privileged Account Manager
PAM exposure enabling unauthenticated access to remote host
network
low complexity
netiq CWE-287
critical
 9.8
9.8
2018-03-05 CVE-2017-7437 Cross-site Scripting vulnerability in Netiq Privileged Account Manager 3.1
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests.
network
low complexity
netiq CWE-79
6.1
6.1
2018-03-02 CVE-2017-7438 Cross-site Scripting vulnerability in Netiq Privileged Account Manager 3.1
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter.
network
low complexity
netiq CWE-79
6.1
6.1