Imanager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Imanager
(Netiq)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	12

Date	Id	Summary	Products	Score	Patch	Annotated
2017-05-03	CVE-2017-7430	Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.	Imanager, Imanager	6.1
2017-05-03	CVE-2017-7431	Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.	Imanager, Imanager	8.8
2017-05-03	CVE-2017-7432	Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.	Imanager, Imanager	9.8
2017-11-06	CVE-2017-7425	Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.	Imanager	6.1
2018-03-02	CVE-2017-5189	NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.	Imanager	7.5
2018-03-21	CVE-2018-1344	Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1	Imanager	8.6
2018-03-21	CVE-2018-1345	NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.	Imanager	8.8
2018-03-21	CVE-2018-1347	The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.	Imanager	6.1
2018-07-10	CVE-2018-12462	NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.	Imanager	6.1
2023-01-26	CVE-2022-38758	Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.	Imanager	6.1