CVE-2024-4429— Cross Site Request Forgery vulnerability in iManager
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-4429
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross Site Request Forgery vulnerability in iManager
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
NetIQ iManager 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NetIQ iManager是英国NetIQ公司的一款先进的基于 Web 的管理控制台。可从世界上任何位置提供对网络管理实用程序和内容的自定义安全访问。 NetIQ iManager 3.2 Service Pack 6 Patch 3 Hotfix 1 3.2.6.0301版本存在跨站请求伪造漏洞,该漏洞源于应用存在敏感信息泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-4429
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-4429
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: iManager
- CVE-2021-38116
Possible Command injection Vulnerability in OpenText iManage - CVE-2021-38117
Possible Remote Code Execution Vulnerability OpenText iManag - CVE-2021-38118
Possible Local Privilege Escalation Vulnerability in OpenTex - CVE-2021-38119
Possible Reflected Cross-Site Scripting (XSS) Vulnerability - CVE-2021-38134
Possible Reflected and Stored XSS in OpenText iManager
Same vendor: OpenText
- CVE-2026-2123
Privilege escalation vulnerability in Operations Agent - CVE-2024-11604
Insertion of Sensitive Information into Log File - CVE-2025-13478
Cache Misconfiguration Leading to Cross-User Data Exposure - CVE-2025-8050
External Control of File vulnerability has been discovered i - CVE-2025-8052
HQL Injection vulnerability has been discovered in Opentext
Same weakness: CWE-352
- CVE-2021-47953
OpenCart 3.0.3.7 Cross-Site Request Forgery via account/pass - CVE-2021-47946
OpenCart 3.0.36 Account Takeover via Cross Site Request Forg - CVE-2022-50955
WordPress Plugin Curtain 1.0.2 Cross-site Request Forgery - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-42286
Emlog: Cross-Site Request Forgery in Admin Functions
V. Comments for CVE-2024-4429
No comments yet