This page aggregates publicly disclosed CVE and security risk information related to netegrity, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2004-0425 | Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. | [email protected] | 10.0 | 5.32% | 2004-08-18 | 2026-04-16 |
| CVE-2004-0672 | Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter. | [email protected] | 6.8 | 0.48% | 2004-08-06 | 2026-04-16 |
| CVE-2001-1455 | Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters. | [email protected] | 7.5 | 0.76% | 2001-08-24 | 2026-04-16 |
| CVE-2000-0850 | Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | [email protected] | 7.5 | 0.52% | 2000-11-14 | 2026-04-16 |