本ページは microfocus edirectory に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-38133 | Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | [email protected] | 7.4 | 0.30% | 2024-09-12 | 2024-09-18 |
| CVE-2021-38132 | Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | [email protected] | 5.3 | 0.12% | 2024-09-12 | 2024-09-18 |
| CVE-2021-38131 | Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. | [email protected] | 5.4 | 0.20% | 2024-09-12 | 2024-09-18 |
| CVE-2021-22533 | Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | [email protected] | 6.5 | 0.10% | 2024-09-12 | 2024-09-19 |
| CVE-2021-22532 | Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. | [email protected] | 7.6 | 0.40% | 2024-09-12 | 2024-09-19 |
| CVE-2021-22503 | Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | [email protected] | 5.4 | 0.27% | 2024-09-12 | 2024-09-19 |
| CVE-2018-17952 | Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 | [email protected] | 6.1 | 0.24% | 2018-12-12 | 2024-11-21 |
| CVE-2018-17950 | Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2 | [email protected] | 7.5 | 0.20% | 2018-12-12 | 2024-11-21 |
| CVE-2018-7692 | Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | [email protected] | 6.1 | 0.20% | 2018-08-09 | 2024-11-21 |
| CVE-2018-7686 | Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. | [email protected] | 7.5 | 0.32% | 2018-08-09 | 2024-11-21 |
| CVE-2017-9285 | NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | [email protected] | 5.4 | 0.22% | 2018-03-02 | 2024-11-21 |
| CVE-2017-7429 | The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | [email protected] | 8.8 | 0.21% | 2018-03-02 | 2024-11-21 |
| CVE-2012-0432 | Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | [email protected] | 10.0 | 85.18% | 2012-12-25 | 2026-04-29 |
| CVE-2012-0430 | Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. | [email protected] | 6.4 | 0.30% | 2012-12-25 | 2026-04-29 |
| CVE-2012-0429 | dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | [email protected] | 4.0 | 0.62% | 2012-12-25 | 2026-04-29 |
| CVE-2012-0428 | Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 0.26% | 2012-12-25 | 2026-04-29 |