CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22518 – Sensitive Information logging in NetIQ Identity Manager Driver
https://notcve.org/view.php?id=CVE-2021-22518
12 Sep 2024 — A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0 • https://www.netiq.com/documentation/identity-manager-48-drivers/AzureADDriver514/data/AzureADDriver514.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38131 – Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-38131
12 Sep 2024 — Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38132 – Possible External service interaction Vulnerability
https://notcve.org/view.php?id=CVE-2021-38132
12 Sep 2024 — Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38133 – Possible Improper authentication Vulnerability in OpenText eDirectory
https://notcve.org/view.php?id=CVE-2021-38133
12 Sep 2024 — Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. • https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html • CWE-521: Weak Password Requirements •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26322 – Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager
https://notcve.org/view.php?id=CVE-2022-26322
12 Sep 2024 — Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200. Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200. • https://www.netiq.com/documentation/identity-manager-48-drivers/RESTDriver1.1.2.0300_readme/data/RESTDriver1.1.2.0300_readme.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7427 – Potential Cross-Site Scripting vulnerability affect OpenText™ Network Node Manager i (NNMi).
https://notcve.org/view.php?id=CVE-2024-7427
23 Aug 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Network Node Manager i (NNMi) could allow Cross-Site Scripting (XSS).This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2. • https://portal.microfocus.com/s/article/KM000033018?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7428 – Potential Open Redirect issues affect OpenText™ Network Node Manager i (NNMi).
https://notcve.org/view.php?id=CVE-2024-7428
23 Aug 2024 — URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node Manager i (NNMi) allows URL Redirector Abuse.This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2. • https://portal.microfocus.com/s/article/KM000033015?language=en_US • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7260 – A path traversal vulnerability has been discovered in OpenText™ CX-E Voice.
https://notcve.org/view.php?id=CVE-2023-7260
22 Aug 2024 — Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system. Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system. • https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0823114 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26327 – Stored cross-site scripting (XSS) has been discovered in OpenText™ Performance Center
https://notcve.org/view.php?id=CVE-2022-26327
21 Aug 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenText Performance Center on Windows allows Retrieve Embedded Sensitive Data.This issue affects Performance Center: 12.63. • https://portal.microfocus.com/s/article/KM000006815?language=en_US • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26328 – User enumeration vulnerability has been discovered in OpenText™ Performance Center
https://notcve.org/view.php?id=CVE-2022-26328
21 Aug 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText Performance Center on Windows allows Cross-Site Scripting (XSS).This issue affects Performance Center: 12.63. • https://portal.microfocus.com/s/article/KM000032041?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •