) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:netiq:access_manager:4.4:sp2:*:*:*:*:*:*
- CPE Name Search: true
There are 4 matching records.
Displaying matches 1 through 4.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-7678 |
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. Published: March 14, 2018; 11:29:00 AM -0400 |
V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2018-7677 |
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. Published: March 14, 2018; 11:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2018-1342 |
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console. Published: January 25, 2018; 9:29:03 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2017-14803 |
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system. Published: January 19, 2018; 7:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |