CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12461 – Certificate Revocation Check failure
https://notcve.org/view.php?id=CVE-2018-12461
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation. Problemas solucionados con NetIQ eDirectory en versiones anteriores a la 9.1.1 al comprobar la revocación de certificados. • https://www.netiq.com/support/kb/doc.php?id=7016794 • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-9275 – NetIQ Identity Reporting XSS exposure
https://notcve.org/view.php?id=CVE-2017-9275
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack. NetIQ Identity Reporting en versiones anteriores a la 5.5 Service Pack 1 es susceptible a un ataque Cross-Site Scripting (XSS). • https://download.microfocus.com/Download?buildid=iGYyq6xwjhE~&donotredirect=true • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9284 – IDM 4.6 Identity Applications information leakage
https://notcve.org/view.php?id=CVE-2017-9284
IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. IDM 4.6 Identity Applications en versiones anteriores a la 4.6.2.1 puede exponer información sensible. • https://download.microfocus.com/Download?buildid=Xg1dZMVbBzs~ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7674 – IDM URL Redirection attack
https://notcve.org/view.php?id=CVE-2018-7674
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. La consola de usuario de NetIQ Identity Manager, en versiones anteriores a la 4.7, es susceptible a la redirección de URL. • https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm47/data/releasenotes_idm47.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7676 – IDM Information Leakage
https://notcve.org/view.php?id=CVE-2018-7676
The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. En NetIQ Identity Manager, en versiones anteriores a la 4.7, userapp con log / trace habilitado podría filtrar información sensible. • https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm47/data/releasenotes_idm47.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •