Search criteria
4 vulnerabilities found for NetIQ Access Manager (NAM) by NetIQ eDirectory
CVE-2018-19645 (GCVE-0-2018-19645)
Vulnerability from nvd – Published: 2019-02-12 20:00 – Updated: 2024-09-16 22:55
VLAI?
Title
Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5
Summary
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
Severity ?
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
Solutions Business Manager (SBM) , < 11.5
(custom)
|
Credits
Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:44:19.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "Solutions Business Manager (SBM)",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"datePublic": "2019-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:01",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
"ID": "CVE-2018-19645",
"STATE": "PUBLIC",
"TITLE": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "Solutions Business Manager (SBM)",
"version_value": "11.5"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
"refsource": "CONFIRM",
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-19645",
"datePublished": "2019-02-12T20:00:00Z",
"dateReserved": "2018-11-28T00:00:00",
"dateUpdated": "2024-09-16T22:55:43.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12480 (GCVE-0-2018-12480)
Vulnerability from nvd – Published: 2018-11-15 13:00 – Updated: 2025-02-13 16:27
VLAI?
Title
NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3
Summary
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
Severity ?
No CVSS data available.
CWE
- XSS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
NetIQ Access Manager , < 4.4 SP3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "4.4 SP3",
"status": "affected",
"version": "NetIQ Access Manager",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T03:01:03.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-11-12T01:00:00.000Z",
"ID": "CVE-2018-12480",
"STATE": "PUBLIC",
"TITLE": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "NetIQ Access Manager",
"version_value": "4.4 SP3"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7023513",
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"name": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-12480",
"datePublished": "2018-11-15T13:00:00.000Z",
"dateReserved": "2018-06-15T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:27:15.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19645 (GCVE-0-2018-19645)
Vulnerability from cvelistv5 – Published: 2019-02-12 20:00 – Updated: 2024-09-16 22:55
VLAI?
Title
Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5
Summary
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
Severity ?
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
Solutions Business Manager (SBM) , < 11.5
(custom)
|
Credits
Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:44:19.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "Solutions Business Manager (SBM)",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"datePublic": "2019-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:01",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
"ID": "CVE-2018-19645",
"STATE": "PUBLIC",
"TITLE": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "Solutions Business Manager (SBM)",
"version_value": "11.5"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
"refsource": "CONFIRM",
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-19645",
"datePublished": "2019-02-12T20:00:00Z",
"dateReserved": "2018-11-28T00:00:00",
"dateUpdated": "2024-09-16T22:55:43.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12480 (GCVE-0-2018-12480)
Vulnerability from cvelistv5 – Published: 2018-11-15 13:00 – Updated: 2025-02-13 16:27
VLAI?
Title
NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3
Summary
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
Severity ?
No CVSS data available.
CWE
- XSS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
NetIQ Access Manager , < 4.4 SP3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "4.4 SP3",
"status": "affected",
"version": "NetIQ Access Manager",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T03:01:03.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-11-12T01:00:00.000Z",
"ID": "CVE-2018-12480",
"STATE": "PUBLIC",
"TITLE": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "NetIQ Access Manager",
"version_value": "4.4 SP3"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7023513",
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"name": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-12480",
"datePublished": "2018-11-15T13:00:00.000Z",
"dateReserved": "2018-06-15T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:27:15.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}