Micro Focus Edirectory
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Micro Focus Edirectory.
By the Year
In 2025 there have been 0 vulnerabilities in Micro Focus Edirectory. Last year, in 2024 Edirectory had 6 security vulnerabilities published. Right now, Edirectory is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 6 | 7.52 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 6 | 7.63 |
It may take a day or so for new Edirectory vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Micro Focus Edirectory Security Vulnerabilities
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText eDirectory
CVE-2021-38133
6.5 - Medium
- September 12, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText eDirectory. This impact all version before 9.2.6.0000.
Weak Password Requirements
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText eDirectory
CVE-2021-38132
9.8 - Critical
- September 12, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText eDirectory. This impact all version before 9.2.6.0000.
SSRF
Possible Cross-Site Scripting (XSS) Vulnerability
in eDirectory has been discovered in
OpenText eDirectory 9.2.5.0000.
CVE-2021-38131
6.1 - Medium
- September 12, 2024
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText eDirectory 9.2.5.0000.
XSS
Possible Insertion of Sensitive Information into Log File Vulnerability
in eDirectory has been discovered in
OpenText eDirectory 9.2.4.0000.
CVE-2021-22533
9.1 - Critical
- September 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText eDirectory 9.2.4.0000.
Insertion of Sensitive Information into Log File
Possible NLDAP Denial of Service attack Vulnerability
in eDirectory has been discovered in
OpenText
eDirectory before 9.2.4.0000.
CVE-2021-22532
7.5 - High
- September 12, 2024
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText eDirectory before 9.2.4.0000.
Allocation of Resources Without Limits or Throttling
Possible
Improper Neutralization of Input During Web Page Generation Vulnerability
in eDirectory has been discovered in
OpenText eDirectory 9.2.3.0000.
CVE-2021-22503
6.1 - Medium
- September 12, 2024
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText eDirectory 9.2.3.0000.
XSS
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
CVE-2018-17950
7.5 - High
- December 12, 2018
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
AuthZ
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2
CVE-2018-17952
6.1 - Medium
- December 12, 2018
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2
XSS
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
CVE-2018-7686
7.5 - High
- August 09, 2018
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
Information Disclosure
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
CVE-2018-7692
6.1 - Medium
- August 09, 2018
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
Open Redirect
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code
CVE-2017-7429
8.8 - High
- March 02, 2018
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
Improper Certificate Validation
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used
CVE-2017-9285
9.8 - Critical
- March 02, 2018
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
authentification
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2
CVE-2012-0428
- December 25, 2012
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
XSS
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows
CVE-2012-0429
- December 25, 2012
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows
CVE-2012-0430
- December 25, 2012
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2
CVE-2012-0432
- December 25, 2012
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Micro Focus Edirectory or by Micro Focus? Click the Watch button to subscribe.
