CVE-2017-7430

Published: May 3, 2017Modified: May 13, 2026

6.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.

Affected (28)

Products: Novell: Imanager · Netiq: Imanager

1 product

1 product

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Novell Imanager	Version 2.7
Novell Imanager	Version 2.7 sp1
Novell Imanager	Version 2.7 sp2
Novell Imanager	Version 2.7 sp3
Novell Imanager	Version 2.7 sp4
Novell Imanager	Version 2.7 sp4_patch1
Novell Imanager	Version 2.7 sp4_patch2
Novell Imanager	Version 2.7 sp4_patch3
Novell Imanager	Version 2.7 sp4_patch4
Novell Imanager	Version 2.7 sp5
Novell Imanager	Version 2.7 sp6
Novell Imanager	Version 2.7 sp7
Novell Imanager	Version 2.7 sp7_patch_10
Novell Imanager	Version 2.7 sp7_patch_1
Novell Imanager	Version 2.7 sp7_patch_2
Novell Imanager	Version 2.7 sp7_patch_3
Novell Imanager	Version 2.7 sp7_patch_4
Novell Imanager	Version 2.7 sp7_patch_5
Novell Imanager	Version 2.7 sp7_patch_6
Novell Imanager	Version 2.7 sp7_patch_7
Novell Imanager	Version 2.7 sp7_patch_8
Novell Imanager	Version 2.7 sp7_patch_9

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Netiq Imanager	Version 3.0.1
Netiq Imanager	Version 3.0.2.1
Netiq Imanager	Version 3.0.2
Netiq Imanager	Version 3.0.3.1
Netiq Imanager	Version 3.0.3
Netiq Imanager	Version 3.0

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (12)

https://bugzilla.novell.com/show_bug.cgi?id=1024959

Source: security@opentext.com

https://bugzilla.novell.com/show_bug.cgi?id=1030691

Source: security@opentext.com

https://dl.netiq.com/Download?buildid=24FxpmqdThE~

Source: security@opentext.com

https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~

Source: security@opentext.com

https://www.netiq.com/support/kb/doc.php?id=7016795

Source: security@opentext.com

https://www.novell.com/support/kb/doc.php?id=7010166

Source: security@opentext.com

https://bugzilla.novell.com/show_bug.cgi?id=1024959

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.novell.com/show_bug.cgi?id=1030691

Source: af854a3a-2127-422b-91ae-364da2661108

https://dl.netiq.com/Download?buildid=24FxpmqdThE~

Source: af854a3a-2127-422b-91ae-364da2661108

https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.netiq.com/support/kb/doc.php?id=7016795

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.novell.com/support/kb/doc.php?id=7010166

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.