Vulnerabilities (CVE)

Filtered by vendor Netiq Subscribe

Filtered by product Identity Manager

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-9278	1 Netiq	1 Identity Manager	2019-10-09	5.0 MEDIUM	9.8 CRITICAL
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
CVE-2017-7426	1 Netiq	1 Identity Manager	2019-10-09	6.4 MEDIUM	9.1 CRITICAL
The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
CVE-2017-7434	1 Netiq	1 Identity Manager	2019-10-09	5.0 MEDIUM	9.8 CRITICAL
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.