CVE-2020-25839
https://notcve.org/view.php?id=CVE-2020-25839
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1. NetIQ Identity Manager versiones 4.8 anteriores a 4.8 SP2 HF1, está afectado por una vulnerabilidad de inyección. Esta vulnerabilidad es corregida en NetIQ IdM versión 4.8 SP2 HF1 • https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2020-11849 – Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
https://notcve.org/view.php?id=CVE-2020-11849
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access. Una elevación de privilegios y/o vulnerabilidad de acceso no autorizado en Micro Focus Identity Manager. Afecta las versiones anteriores a 4.7.3 y 4.8.1 hotfix 1. • https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html •
CVE-2016-1600
https://notcve.org/view.php?id=CVE-2016-1600
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. El controlador ServiceNow en las versiones del Gestor de identidades NetIQ anteriores a la 4.6 es susceptible a una vulnerabilidad de divulgación de información. • https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-9273
https://notcve.org/view.php?id=CVE-2017-9273
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to unauthorized log configuration changes. El controlador bidireccional en IDM 4.5 en versiones anteriores a la 4.0.3.0 podría ser susceptible a cambios de la configuración del registro sin autorización. • https://download.microfocus.com/Download?buildid=SRL-_pc5pR8 •
CVE-2017-9272
https://notcve.org/view.php?id=CVE-2017-9272
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. El controlador bidireccional en IDM 4.5 en versiones anteriores a la 4.0.3.0 podría ser susceptible a un ataque de denegación de servicio (DoS). • https://download.microfocus.com/Download?buildid=SRL-_pc5pR8 • CWE-20: Improper Input Validation •