CVE-2018-1346 – NetIQ eDirectory Denial of Service
https://notcve.org/view.php?id=CVE-2018-1346
Addresses denial of service attack to eDirectory versions prior to 9.1. Se trata de un ataque de denegación de servicio (DoS) en eDirectory, en versiones anteriores a la 9.1. • http://www.securityfocus.com/bid/103493 https://www.netiq.com/documentation/edirectory-91/edirectory91_releasenotes/data/edirectory91_releasenotes.html •
CVE-2018-1345 – iManager elevation of privilege
https://notcve.org/view.php?id=CVE-2018-1345
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. NetIQ iManager, en versiones anteriores a la 3.1, podría ser susceptible bajo ciertas circunstancias a un ataque de elevación de privilegios. • https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html •
CVE-2018-1347 – NetIQ iManager, versions prior to 3.1, reflected XSS issue
https://notcve.org/view.php?id=CVE-2018-1347
The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. La interfaz web administrativa en NetIQ iManager, en versiones anteriores a la 3.1, es vulnerable a Cross-Site Scripting (XSS) reflejado. • http://www.securityfocus.com/bid/103492 https://www.netiq.com/documentation/imanager-31/imanager31_releasenotes/data/imanager31_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-7678 – XSS vulnerability in NetIQ Access Manager (NAM) Admin Console component
https://notcve.org/view.php?id=CVE-2018-7678
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. Existe una vulnerabilidad de Cross-Site Scripting (XSS) en la consola de administración en NetIQ Access Manager (NAM) , versiones 4.3 y 4.4. • http://www.securityfocus.com/bid/103421 https://www.netiq.com/support/kb/doc.php?id=7022724 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-7677 – CSRF in NetIQ Access Manager (NAM) Identity Server component
https://notcve.org/view.php?id=CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. Existe exposición CSRF en NetIQ Access Manager (NAM) 4.4, en el componente Identity Server. • http://www.securityfocus.com/bid/103420 https://www.netiq.com/support/kb/doc.php?id=7022725 • CWE-352: Cross-Site Request Forgery (CSRF) •