Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microfocus Subscribe
Total 266 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22530 1 Microfocus 1 Netiq Advanced Authentication 2024-09-13 N/A 9.9 CRITICAL
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1
CVE-2024-4555 1 Microfocus 1 Netiq Access Manager 2024-09-12 N/A 7.5 HIGH
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
CVE-2024-4556 1 Microfocus 1 Netiq Access Manager 2024-09-12 N/A 7.5 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.
CVE-2020-11847 1 Microfocus 1 Netiq Privileged Access Manager 2024-08-23 N/A 7.8 HIGH
SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1.
CVE-2020-11846 1 Microfocus 1 Netiq Privileged Access Manager 2024-08-23 N/A 7.5 HIGH
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.
CVE-2020-11850 1 Microfocus 1 Netiq Self Service Password Reset 2024-08-23 N/A 6.1 MEDIUM
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6