Every CVE whose affected-product data names Microfocus Imanager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2023-24467 — CVSS 8.8 (high): Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.
CVE-2021-38116 — CVSS 8.8 (high): Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before…
CVE-2021-38117 — CVSS 8.8 (high): Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
CVE-2021-38135 — CVSS 8.6 (high): Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.
CVE-2024-3483 — CVSS 7.8 (high): Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure…
CVE-2024-3486 — CVSS 7.8 (high): XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote…
CVE-2024-3969 — CVSS 7.8 (high): XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing…
CVE-2024-3968 — CVSS 7.8 (high): Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using…
CVE-2022-26324 — CVSS 7.6 (high): Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.
CVE-2024-3967 — CVSS 7.6 (high): Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng…
CVE-2020-11859 — CVSS 7.6 (high): Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3
CVE-2023-24466 — CVSS 7.5 (high): Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.
CVE-2021-38119 — CVSS 6.1 (medium): Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
CVE-2021-38134 — CVSS 6.1 (medium): Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000.
CVE-2024-3484 — CVSS 5.7 (medium): Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure.
CVE-2024-3488 — CVSS 5.6 (medium): File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker…
CVE-2021-38118 — CVSS 5.5 (medium): Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
CVE-2024-4429 — CVSS 5.4 (medium): Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information…
CVE-2024-3485 — CVSS 5.3 (medium): Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information…
CVE-2024-3970 — CVSS 5.3 (medium): Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information…
CVE-2024-3487 — CVSS 3.5 (low): Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate…