CVE-2017-9285
- EPSS 0.21%
- Veröffentlicht 02.03.2018 20:29:01
- Zuletzt bearbeitet 21.11.2024 03:35:45
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
CVE-2017-7429
- EPSS 0.19%
- Veröffentlicht 02.03.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:31:52
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
CVE-2012-0428
- EPSS 0.26%
- Veröffentlicht 25.12.2012 12:13:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- EPSS 0.63%
- Veröffentlicht 25.12.2012 12:13:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
CVE-2012-0430
- EPSS 0.28%
- Veröffentlicht 25.12.2012 12:13:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
- EPSS 85.18%
- Veröffentlicht 25.12.2012 12:13:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.