Imanager Micro Focus Imanager

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Micro Focus Imanager.

By the Year

In 2025 there have been 0 vulnerabilities in Micro Focus Imanager. Last year, in 2024 Imanager had 21 security vulnerabilities published. Right now, Imanager is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 21 8.55
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 6.10

It may take a day or so for new Imanager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Micro Focus Imanager Security Vulnerabilities

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText iManager

CVE-2021-38116 8.8 - High - November 22, 2024

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText iManager. This impacts all versions before 3.2.5

Command Injection

Possible Command injection Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

CVE-2021-38117 9.8 - Critical - November 22, 2024

Possible Command injection Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

Command Injection

Possible improper input validation Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

CVE-2021-38118 7.8 - High - November 22, 2024

Possible improper input validation Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

CVE-2021-38119 6.1 - Medium - November 22, 2024

Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText iManager 3.2.4.0000.

XSS

Possible XSS in iManager URL for access Component has been discovered in OpenText iManager 3.2.5.0000.

CVE-2021-38134 6.1 - Medium - November 22, 2024

Possible XSS in iManager URL for access Component has been discovered in OpenText iManager 3.2.5.0000.

XSS

Possible External Service Interaction attack in iManager has been discovered in OpenText iManager 3.2.6.0000.

CVE-2021-38135 9.8 - Critical - November 22, 2024

Possible External Service Interaction attack in iManager has been discovered in OpenText iManager 3.2.6.0000.

Possible XSS in iManager URL for access Component has been discovered in OpenText iManager 3.2.6.0000.

CVE-2022-26324 5.4 - Medium - November 22, 2024

Possible XSS in iManager URL for access Component has been discovered in OpenText iManager 3.2.6.0000.

XSS

Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText iManager 3.2.6.0200.

CVE-2023-24466 9.8 - Critical - November 22, 2024

Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText iManager 3.2.6.0200.

XXE

Possible Command Injection in iManager GET parameter has been discovered in OpenText iManager 3.2.6.0000.

CVE-2023-24467 9.8 - Critical - November 22, 2024

Possible Command Injection in iManager GET parameter has been discovered in OpenText iManager 3.2.6.0000.

Command Injection

OpenText iManager XSS via Input Validation

CVE-2020-11859 5.4 - Medium - November 06, 2024

Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3

XSS

XML External Entity injection vulnerability found in OpenText iManager 3.2.6.0200

CVE-2024-3969 9.8 - Critical - May 28, 2024

XML External Entity injection vulnerability found in OpenText iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload

XXE

Cross-Site Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-4429 7.4 - High - May 28, 2024

Cross-Site Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200. This could lead to sensitive information disclosure.

Session Riding

Server Side Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-3485 7.5 - High - May 15, 2024

Server Side Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200. This could lead to senstive information disclosure.

SSRF

Path Traversal found in OpenText iManager 3.2.6.0200

CVE-2024-3484 9.8 - Critical - May 15, 2024

Path Traversal found in OpenText iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure.

Directory traversal

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-3483 9.8 - Critical - May 15, 2024

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization issues.

Command Injection

XML External Entity injection vulnerability found in OpenText iManager 3.2.6.0200

CVE-2024-3486 9.8 - Critical - May 15, 2024

XML External Entity injection vulnerability found in OpenText iManager 3.2.6.0200. This could lead to information disclosure and remote code execution.

XXE

Broken Authentication vulnerability discovered in OpenText iManager 3.2.6.0200

CVE-2024-3487 9.8 - Critical - May 15, 2024

Broken Authentication vulnerability discovered in OpenText iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication.

authentification

File Upload vulnerability in unauthenticated session found in OpenText iManager 3.2.6.0200

CVE-2024-3488 9.8 - Critical - May 15, 2024

File Upload vulnerability in unauthenticated session found in OpenText iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication.

Unrestricted File Upload

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-3967 9.8 - Critical - May 15, 2024

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization.

Marshaling, Unmarshaling

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-3968 9.8 - Critical - May 15, 2024

Remote Code Execution has been discovered in OpenText iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.

Server Side Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200

CVE-2024-3970 7.5 - High - May 15, 2024

Server Side Request Forgery vulnerability has been discovered in OpenText iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.

SSRF

Cross site scripting vulnerability in iManager prior to 3.1 SP2.

CVE-2018-17949 6.1 - Medium - December 12, 2018

Cross site scripting vulnerability in iManager prior to 3.1 SP2.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Micro Focus Imanager or by Micro Focus? Click the Watch button to subscribe.

Micro Focus
Vendor

subscribe