CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22525
https://notcve.org/view.php?id=CVE-2021-22525
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 Esta versión soluciona una posible vulnerabilidad de filtrado de información en NetIQ Access Manager versiones anteriores a 5.0.1 • https://support.microfocus.com/kb/doc.php?id=7025254 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25840
https://notcve.org/view.php?id=CVE-2020-25840
Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction. Una vulnerabilidad de tipo Cross-Site scripting en el producto Micro Focus Access Manager afecta a todas las versiones anteriores a 5.0. La vulnerabilidad podría causar una destrucción de la configuración. • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22506 – Micro Focus Access Manager Information Leakage Vulnerability
https://notcve.org/view.php?id=CVE-2021-22506
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. Una configuración avanzada que expone una vulnerabilidad de Filtrado de Información en el producto Micro Focus Access Manager afecta a todas las versiones anteriores a 5.0. La vulnerabilidad podría causar un filtrado de información. Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used. • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22496
https://notcve.org/view.php?id=CVE-2021-22496
Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. Una vulnerabilidad de Omisión de Autenticación en Micro Focus Access Manager Product afecta a todas las versiones anteriores a 4.5.3.3. La vulnerabilidad podría causar una filtración de información • https://www.netiq.com/documentation/access-manager-45-appliance/accessmanager453-p3-release-notes/data/accessmanager453-p3-release-notes.html • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18255
https://notcve.org/view.php?id=CVE-2018-18255
An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges. Se ha descubierto un problema en CapMon Access Manager 5.4.1.1005. Las aplicaciones de cliente de AccessManagerCoreService.exe se comunican con este servidor mediante tuberías nombradas. • https://improsec.com/tech-blog/cam1 • CWE-287: Improper Authentication •