Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for identity_manager by microfocus

    CVE-2020-25839 (GCVE-0-2020-25839)

    Vulnerability from nvd – Published: 2020-11-20 15:24 – Updated: 2024-08-04 15:40
    VLAI
    Summary
    NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
    Severity
    No CVSS data available.
    CWE
    • Injection attack
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NetIQ Identity Manager Affected: All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:40:37.183Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetIQ Identity Manager",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Injection attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:36.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2020-25839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NetIQ Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Injection attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-25839",
        "datePublished": "2020-11-20T15:24:20.000Z",
        "dateReserved": "2020-09-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:40:37.183Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11849 (GCVE-0-2020-11849)

    Vulnerability from nvd – Published: 2020-07-08 13:30 – Updated: 2024-09-17 01:30
    VLAI
    Title
    Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
    Summary
    Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
    Severity
    No CVSS data available.
    CWE
    • Elevation of privilege and/or unauthorized access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Fosus Identity Manager Affected: unspecified , ≤ 4.7.3 (custom)
    Affected: unspecified , ≤ 4.8.1 (custom)
    Create a notification for this product.
    Date Public
    2020-07-07 00:00
    Credits
    Mark van Reijn, of IDFocus.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:41:59.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager",
              "vendor": "Micro Fosus",
              "versions": [
                {
                  "lessThanOrEqual": "4.7.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.8.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mark van Reijn, of IDFocus."
            }
          ],
          "datePublic": "2020-07-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Elevation of privilege and/or unauthorized access"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege and/or unauthorized access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:30.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2020-07-07T20:00:00.000Z",
              "ID": "CVE-2020-11849",
              "STATE": "PUBLIC",
              "TITLE": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.7.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.8.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Fosus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Mark van Reijn, of IDFocus."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Elevation of privilege and/or unauthorized access"
              }
            ],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of privilege and/or unauthorized access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html",
                  "refsource": "MISC",
                  "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
                },
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html",
                  "refsource": "MISC",
                  "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-11849",
        "datePublished": "2020-07-08T13:30:36.737Z",
        "dateReserved": "2020-04-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:32.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-1600 (GCVE-0-2016-1600)

    Vulnerability from nvd – Published: 2019-05-09 20:33 – Updated: 2024-08-05 23:02
    VLAI
    Summary
    The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
    Severity
    No CVSS data available.
    CWE
    • Information disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Affected: Versions prior to version 4.6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:02:11.758Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager",
              "vendor": "NetIQ",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions prior to version 4.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:46.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-1600",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions prior to version 4.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu",
                  "refsource": "CONFIRM",
                  "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-1600",
        "datePublished": "2019-05-09T20:33:45.000Z",
        "dateReserved": "2016-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:02:11.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-25839 (GCVE-0-2020-25839)

    Vulnerability from cvelistv5 – Published: 2020-11-20 15:24 – Updated: 2024-08-04 15:40
    VLAI
    Summary
    NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.
    Severity
    No CVSS data available.
    CWE
    • Injection attack
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NetIQ Identity Manager Affected: All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:40:37.183Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetIQ Identity Manager",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Injection attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:36.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2020-25839",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NetIQ Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions in the 4.8 line prior to version 4.8 Service Pack 2 HotFix 1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Injection attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-25839",
        "datePublished": "2020-11-20T15:24:20.000Z",
        "dateReserved": "2020-09-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:40:37.183Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11849 (GCVE-0-2020-11849)

    Vulnerability from cvelistv5 – Published: 2020-07-08 13:30 – Updated: 2024-09-17 01:30
    VLAI
    Title
    Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
    Summary
    Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
    Severity
    No CVSS data available.
    CWE
    • Elevation of privilege and/or unauthorized access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Fosus Identity Manager Affected: unspecified , ≤ 4.7.3 (custom)
    Affected: unspecified , ≤ 4.8.1 (custom)
    Create a notification for this product.
    Date Public
    2020-07-07 00:00
    Credits
    Mark van Reijn, of IDFocus.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:41:59.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager",
              "vendor": "Micro Fosus",
              "versions": [
                {
                  "lessThanOrEqual": "4.7.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.8.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mark van Reijn, of IDFocus."
            }
          ],
          "datePublic": "2020-07-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Elevation of privilege and/or unauthorized access"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege and/or unauthorized access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:30.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2020-07-07T20:00:00.000Z",
              "ID": "CVE-2020-11849",
              "STATE": "PUBLIC",
              "TITLE": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.7.3"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.8.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Fosus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Mark van Reijn, of IDFocus."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Elevation of privilege and/or unauthorized access"
              }
            ],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of privilege and/or unauthorized access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html",
                  "refsource": "MISC",
                  "url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
                },
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html",
                  "refsource": "MISC",
                  "url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-11849",
        "datePublished": "2020-07-08T13:30:36.737Z",
        "dateReserved": "2020-04-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:32.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-1600 (GCVE-0-2016-1600)

    Vulnerability from cvelistv5 – Published: 2019-05-09 20:33 – Updated: 2024-08-05 23:02
    VLAI
    Summary
    The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
    Severity
    No CVSS data available.
    CWE
    • Information disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    NetIQ Identity Manager Affected: Versions prior to version 4.6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:02:11.758Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Manager",
              "vendor": "NetIQ",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions prior to version 4.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:46.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-1600",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions prior to version 4.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NetIQ"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu",
                  "refsource": "CONFIRM",
                  "url": "https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html#t433o7au0niu"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-1600",
        "datePublished": "2019-05-09T20:33:45.000Z",
        "dateReserved": "2016-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:02:11.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }