CVE-2024-3968— Remote Code Execution vulnerability in the iManager
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-3968
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution vulnerability in the iManager
Source: NVD (National Vulnerability Database)
Vulnerability Description
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
NetIQ iManager 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NetIQ iManager是英国NetIQ公司的一款先进的基于 Web 的管理控制台。可从世界上任何位置提供对网络管理实用程序和内容的自定义安全访问。 NetIQ iManager 3.2.6.0200版本存在安全漏洞,该漏洞源于存在远程代码执行,可以使用自定义文件上传任务触发远程代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-3968
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-3968
请登录查看更多情报信息。
Same Patch Batch · OpenText · 2024-05-15 · 9 CVEs total
| CVE-2024-3483 | 7.8 HIGH | Remote Code Execution vulnerability in the iManager |
| CVE-2024-3486 | 7.8 HIGH | XML External Entity injection vulnerability in iManager |
| CVE-2024-3967 | 7.6 HIGH | Remote Code Execution vulnerability in the iManager |
| CVE-2024-3484 | 5.7 MEDIUM | Path Traversal vulnerability found in iManager |
| CVE-2024-3488 | 5.6 MEDIUM | File Upload vulnerability in unauthenticated session found in iManager. |
| CVE-2024-3485 | 5.3 MEDIUM | Server-Side Request Forgery vulnerability in iManager |
| CVE-2024-3970 | 5.3 MEDIUM | Server-Side Request Forgery vulnerability in iManager |
| CVE-2024-3487 | 3.5 LOW | Broken Authentication vulnerability in iManager |
IV. Related Vulnerabilities
Same product: iManager
- CVE-2021-38116
Possible Command injection Vulnerability in OpenText iManage - CVE-2021-38117
Possible Remote Code Execution Vulnerability OpenText iManag - CVE-2021-38118
Possible Local Privilege Escalation Vulnerability in OpenTex - CVE-2021-38119
Possible Reflected Cross-Site Scripting (XSS) Vulnerability - CVE-2021-38134
Possible Reflected and Stored XSS in OpenText iManager
Same vendor: OpenText
- CVE-2026-2123
Privilege escalation vulnerability in Operations Agent - CVE-2024-11604
Insertion of Sensitive Information into Log File - CVE-2025-13478
Cache Misconfiguration Leading to Cross-User Data Exposure - CVE-2025-8050
External Control of File vulnerability has been discovered i - CVE-2025-8052
HQL Injection vulnerability has been discovered in Opentext
Same weakness: CWE-20
V. Comments for CVE-2024-3968
No comments yet