Search
Find a vulnerability
Search criteria
2 vulnerabilities by NetIQ eDirectory
CVE-2018-19645 (GCVE-0-2018-19645)
Vulnerability from cvelistv5 – Published: 2019-02-12 20:00 – Updated: 2024-09-16 22:55
VLAI
Title
Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5
Summary
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://help.serena.com/doc_center/sbm/ver11_5/sbm… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
Solutions Business Manager (SBM) , < 11.5
(custom)
|
Date Public
2019-01-23 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:44:19.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "Solutions Business Manager (SBM)",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"datePublic": "2019-01-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:01.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
"ID": "CVE-2018-19645",
"STATE": "PUBLIC",
"TITLE": "Solutions Business Manager (SBM) Authentication Bypass Issue in Version prior to 11.5"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "Solutions Business Manager (SBM)",
"version_value": "11.5"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
"refsource": "CONFIRM",
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-19645",
"datePublished": "2019-02-12T20:00:00.000Z",
"dateReserved": "2018-11-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:55:43.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12480 (GCVE-0-2018-12480)
Vulnerability from cvelistv5 – Published: 2018-11-15 13:00 – Updated: 2025-02-13 16:27
VLAI
Title
NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3
Summary
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
Severity
No CVSS data available.
CWE
- XSS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.microfocus.com/kb/doc.php?id=7023513 | x_refsource_CONFIRM |
| https://www.netiq.com/documentation/access-manage… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NetIQ eDirectory | NetIQ Access Manager (NAM) |
Affected:
NetIQ Access Manager , < 4.4 SP3
(custom)
|
Date Public
2018-11-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ Access Manager (NAM)",
"vendor": "NetIQ eDirectory",
"versions": [
{
"lessThan": "4.4 SP3",
"status": "affected",
"version": "NetIQ Access Manager",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T03:01:03.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-11-12T01:00:00.000Z",
"ID": "CVE-2018-12480",
"STATE": "PUBLIC",
"TITLE": "NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ Access Manager (NAM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "NetIQ Access Manager",
"version_value": "4.4 SP3"
}
]
}
}
]
},
"vendor_name": "NetIQ eDirectory"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7023513",
"refsource": "CONFIRM",
"url": "https://support.microfocus.com/kb/doc.php?id=7023513"
},
{
"name": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to NetIQ Access Manager versions prior to 4.4 SP3."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-12480",
"datePublished": "2018-11-15T13:00:00.000Z",
"dateReserved": "2018-06-15T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:27:15.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}