Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Identity Manager Plug-ins by NetIQ

    CVE-2017-7426 (GCVE-0-2017-7426)

    Vulnerability from nvd – Published: 2018-03-01 19:00 – Updated: 2024-09-17 03:07
    VLAI
    Title
    iManager - XML External Entity vulnerabilities
    Summary
    The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
    CWE
    • External XML Entity attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Plug-ins Affected: unspecified , < 4.6.1 (custom)
    Create a notification for this product.
    Date Public
    2017-08-03 00:00
    Credits
    Pawel.Batunek@ingservicespolska.pl
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:04:11.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager Plug-ins",
              "vendor": "NetIQ",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pawel.Batunek@ingservicespolska.pl"
            }
          ],
          "datePublic": "2017-08-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "External XML Entity attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:59.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
            }
          ],
          "source": {
            "advisory": "7021173",
            "discovery": "EXTERNAL"
          },
          "title": "iManager - XML External Entity vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2017-08-03T00:00:00.000Z",
              "ID": "CVE-2017-7426",
              "STATE": "PUBLIC",
              "TITLE": "iManager - XML External Entity vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager Plug-ins",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pawel.Batunek@ingservicespolska.pl"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "External XML Entity attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.novell.com/support/kb/doc.php?id=7021173",
                  "refsource": "CONFIRM",
                  "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
                }
              ]
            },
            "source": {
              "advisory": "7021173",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2017-7426",
        "datePublished": "2018-03-01T19:00:00.000Z",
        "dateReserved": "2017-04-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-7426 (GCVE-0-2017-7426)

    Vulnerability from cvelistv5 – Published: 2018-03-01 19:00 – Updated: 2024-09-17 03:07
    VLAI
    Title
    iManager - XML External Entity vulnerabilities
    Summary
    The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.
    CWE
    • External XML Entity attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Plug-ins Affected: unspecified , < 4.6.1 (custom)
    Create a notification for this product.
    Date Public
    2017-08-03 00:00
    Credits
    Pawel.Batunek@ingservicespolska.pl
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:04:11.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager Plug-ins",
              "vendor": "NetIQ",
              "versions": [
                {
                  "lessThan": "4.6.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pawel.Batunek@ingservicespolska.pl"
            }
          ],
          "datePublic": "2017-08-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "External XML Entity attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:59.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
            }
          ],
          "source": {
            "advisory": "7021173",
            "discovery": "EXTERNAL"
          },
          "title": "iManager - XML External Entity vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2017-08-03T00:00:00.000Z",
              "ID": "CVE-2017-7426",
              "STATE": "PUBLIC",
              "TITLE": "iManager - XML External Entity vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager Plug-ins",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "4.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pawel.Batunek@ingservicespolska.pl"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External XML Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "External XML Entity attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.novell.com/support/kb/doc.php?id=7021173",
                  "refsource": "CONFIRM",
                  "url": "https://www.novell.com/support/kb/doc.php?id=7021173"
                }
              ]
            },
            "source": {
              "advisory": "7021173",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2017-7426",
        "datePublished": "2018-03-01T19:00:00.000Z",
        "dateReserved": "2017-04-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }