Every CVE whose affected-product data names Microfocus Edirectory, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2012-0432 — CVSS 10.0 (critical): Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an…
CVE-2017-7429 — CVSS 8.8 (high): The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used…
CVE-2021-22532 — CVSS 7.6 (high): Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
CVE-2018-7686 — CVSS 7.5 (high): Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
CVE-2021-38133 — CVSS 7.4 (high): Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before…
CVE-2021-22533 — CVSS 6.5 (medium): Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory…
CVE-2012-0430 — CVSS 6.4 (medium): Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to…
CVE-2021-38131 — CVSS 5.4 (medium): Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.
CVE-2021-22503 — CVSS 5.4 (medium): Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™…
CVE-2017-9285 — CVSS 5.4 (medium): NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory…
CVE-2021-38132 — CVSS 5.3 (medium): Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before…
CVE-2012-0428 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to…
CVE-2012-0429 — CVSS 4.0 (medium): dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial…