CVE-2018-12480
- EPSS 0.24%
- Published 15.11.2018 13:29:00
- Last modified 21.11.2024 03:45:18
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
CVE-2014-9412
- EPSS 6.35%
- Published 23.12.2014 11:59:05
- Last modified 12.04.2025 10:46:40
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in...
CVE-2014-5217
- EPSS 0.19%
- Published 23.12.2014 11:59:03
- Last modified 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change th...
CVE-2014-5216
- EPSS 9.33%
- Published 23.12.2014 11:59:02
- Last modified 12.04.2025 10:46:40
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the e...
- EPSS 0.36%
- Published 23.12.2014 11:59:01
- Last modified 12.04.2025 10:46:40
NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.
- EPSS 0.5%
- Published 23.12.2014 11:59:00
- Last modified 12.04.2025 10:46:40
nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declarati...