Page 6 of 31 results (0.028 seconds)

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance. NetIQ iManager, en versiones anteriores a la 3.0.3, entregaba una clave privada SSL en una aplicación Java (archivo JAR) para autenticación en Sentinel, lo que permite que atacantes remotos extraigan y establezcan sus propias conexiones en la aplicación de Sentinel. • https://bugzilla.suse.com/show_bug.cgi?id=1021637 https://www.netiq.com/support/kb/doc.php?id=7016795 • CWE-287: Improper Authentication CWE-522: Insufficiently Protected Credentials •

CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0

Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2. Existen múltiples problemas potenciales de XSS reflejado en NetIQ iManager en versiones anteriores a la 2.7.7 Patch 10 HF2 y 3.0.3.2. • https://www.netiq.com/documentation/imanager-3/imanager3032_releasenotes/data/imanager3032_releasenotes.html https://www.netiq.com/documentation/imanager/imanager27710hf2readme/data/imanager27710hf2readme.html https://www.novell.com/support/kb/doc.php?id=7016795 https://www.novell.com/support/kb/doc.php?id=7021423 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 28EXPL: 0

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework. Novell iManager en versiones 2.7.x anteriores a la 2.7 SP7 Patch 10 HF1 y NetIQ iManager versiones 3.x anteriores a la 3.0.3.1 presentan una vulnerabilidad de XSS persistente en el Framework. • https://bugzilla.novell.com/show_bug.cgi?id=1024959 https://bugzilla.novell.com/show_bug.cgi?id=1030691 https://dl.netiq.com/Download?buildid=24FxpmqdThE~ https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ https://www.netiq.com/support/kb/doc.php? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 28EXPL: 0

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. Novell iManager 2.7.x antes 2.7 SP7 Patch 10 HF1 y NetIQ iManager 3.x antes 3.0.3.1 tienen una vulnerabilidad de carga de webshell. • https://bugzilla.novell.com/show_bug.cgi?id=1027619 https://dl.netiq.com/Download?buildid=24FxpmqdThE~ https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ https://www.netiq.com/support/kb/doc.php?id=7016795 https://www.novell.com/support/kb/doc.php? •

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0

NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat. NetIQ iManager 3.x antes de 3.0.3.1 tiene un problema en la renegociación de los parámetros de conexión con Tomcat. • https://bugzilla.novell.com/show_bug.cgi?id=1029431 https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~ https://www.netiq.com/support/kb/doc.php?id=7016795 • CWE-20: Improper Input Validation •