CVE-2017-7431
HIGHNovell iManager <2.7 SP7 Patch 10 HF1 & NetIQ iManager <3.0.3.1 - CSRF
Title source: llmDescription
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
References (6)
Core 6
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=1024963
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=1030692
Vendor Advisory x_refsource_confirm
https://www.novell.com/support/kb/doc.php?id=7010166
Various Sources x_refsource_confirm
https://dl.netiq.com/Download?buildid=24FxpmqdThE~
Various Sources x_refsource_confirm
https://www.netiq.com/support/kb/doc.php?id=7016795
Various Sources x_refsource_confirm
https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~
Scores
CVSS v3
8.8
EPSS
0.0027
EPSS Percentile
51.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (8)
n/a/Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1
netiq/imanager
3.0
netiq/imanager
3.0.1
netiq/imanager
3.0.2
netiq/imanager
3.0.2.1
netiq/imanager
3.0.3
netiq/imanager
3.0.3.1
novell/imanager
2.7 (22 CPE variants)
Published
May 03, 2017
Tracked Since
Feb 18, 2026