CVE-2024-3485 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3485
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure. Se ha descubierto una vulnerabilidad de Server Side Request Forgery en OpenText™ iManager 3.2.6.0200. Esto podría dar lugar a la divulgación de información confidencial. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2024-3484 – Path Traversal vulnerability found in iManager
https://notcve.org/view.php?id=CVE-2024-3484
Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure. Path Traversal encontrada en OpenText™ iManager 3.2.6.0200. Esto puede conducir a una escalada de privilegios o a la divulgación de archivos. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-3483 – Remote Code Execution vulnerability in the iManager
https://notcve.org/view.php?id=CVE-2024-3483
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization issues. Se ha descubierto la ejecución remota de código en OpenText™ iManager 3.2.6.0200. La vulnerabilidad puede provocar inyección de comandos y problemas de deserialización insegura. • https://github.com/julio-cfa/CVE-2024-34832 https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVE-2024-3967 – Remote Code Execution vulnerability in the iManager
https://notcve.org/view.php?id=CVE-2024-3967
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization. Se ha descubierto la ejecución remota de código en OpenText™ iManager 3.2.6.0200. La vulnerabilidad puede desencadenar la ejecución remota de código eliminando la deserialización de objetos Java inseguros. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-502: Deserialization of Untrusted Data •
CVE-2024-3968 – Remote Code Execution vulnerability in the iManager
https://notcve.org/view.php?id=CVE-2024-3968
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task. Se ha descubierto la ejecución remota de código en OpenText™ iManager 3.2.6.0200. La vulnerabilidad puede desencadenar la ejecución remota de código mediante una tarea de carga de archivos personalizada. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-20: Improper Input Validation •