This page lists publicly disclosed CVE vulnerabilities affecting microfocus imanager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-24467 | Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. | [email protected] | 8.8 | 1.05% | 2024-11-22 | 2025-04-10 |
| CVE-2023-24466 | Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. | [email protected] | 7.5 | 0.52% | 2024-11-22 | 2025-04-10 |
| CVE-2022-26324 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. | [email protected] | 7.6 | 0.27% | 2024-11-22 | 2025-04-10 |
| CVE-2021-38135 | Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. | [email protected] | 8.6 | 0.43% | 2024-11-22 | 2025-03-04 |
| CVE-2021-38134 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000. | [email protected] | 6.1 | 0.28% | 2024-11-22 | 2025-04-10 |
| CVE-2021-38119 | Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | [email protected] | 6.1 | 0.29% | 2024-11-22 | 2025-04-10 |
| CVE-2021-38118 | Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | [email protected] | 5.5 | 0.21% | 2024-11-22 | 2025-03-04 |
| CVE-2021-38117 | Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | [email protected] | 8.8 | 1.09% | 2024-11-22 | 2025-04-10 |
| CVE-2021-38116 | Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5 | [email protected] | 8.8 | 0.59% | 2024-11-22 | 2025-04-10 |
| CVE-2020-11859 | Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 | [email protected] | 7.6 | 0.33% | 2024-11-06 | 2024-11-08 |
| CVE-2024-4429 | Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure. | [email protected] | 5.4 | 0.18% | 2024-05-28 | 2025-01-21 |
| CVE-2024-3969 | XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload | [email protected] | 7.8 | 0.50% | 2024-05-28 | 2025-01-21 |
| CVE-2024-3970 | Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal. | [email protected] | 5.3 | 0.51% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3968 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task. | [email protected] | 7.8 | 0.67% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3967 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization. | [email protected] | 7.6 | 0.64% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3488 | File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication. | [email protected] | 5.6 | 0.37% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3487 | Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication. | [email protected] | 3.5 | 0.42% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3486 | XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution. | [email protected] | 7.8 | 0.47% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3485 | Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure. | [email protected] | 5.3 | 0.25% | 2024-05-15 | 2025-01-21 |
| CVE-2024-3484 | Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure. | [email protected] | 5.7 | 0.51% | 2024-05-15 | 2025-01-21 |