Openiam CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Openiam Subscriptions

Search

Switch to Advanced Search (Beta)

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-13422	1 Openiam	1 Openiam	2024-11-21	8.1 High
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions.
CVE-2020-13421	1 Openiam	1 Openiam	2024-11-21	9.8 Critical
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions.
CVE-2020-13420	1 Openiam	1 Openiam	2024-11-21	9.8 Critical
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script.
CVE-2020-13419	1 Openiam	1 Openiam	2024-11-21	5.3 Medium
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task.
CVE-2020-13418	1 Openiam	1 Openiam	2024-11-21	6.1 Medium
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature.

Page 1 of 1.