| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-9412 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in
|
09-04-2021 - 16:36 | 23-12-2014 - 11:59 | |
| CVE-2014-5216 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the e
|
09-04-2021 - 16:36 | 23-12-2014 - 11:59 | |
| CVE-2014-5217 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change th
|
09-04-2021 - 16:36 | 23-12-2014 - 11:59 | |
| CVE-2014-5215 | 4.0 |
NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.
|
09-04-2021 - 16:36 | 23-12-2014 - 11:59 | |
| CVE-2014-5214 | 4.0 |
nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declarati
|
09-04-2021 - 16:36 | 23-12-2014 - 11:59 |