Known Vulnerabilities for products from Oneidentity
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Oneidentity".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-51772 json | 8.8 - HIGH | 2023-12-25 | 2024-01-03 | |
| CVE-2023-48654 json | 9.8 - CRITICAL | 2023-12-25 | 2024-01-03 | |
| CVE-2023-4003 json | One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access to a workstation may upgra... | 6.8 - MEDIUM | 2023-09-27 | 2023-09-29 |
| CVE-2022-38725 json | An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denia... | 7.5 - HIGH | 2023-01-23 | 2023-11-07 |
| CVE-2020-8019 json | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP... | 7.8 - HIGH | 2020-06-29 | 2020-07-09 |
| CVE-2020-7962 json | An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is pos... | 5.3 - MEDIUM | 2020-11-13 | 2021-07-21 |
| CVE-2019-13498 json | One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle... | 7.4 - HIGH | 2019-07-29 | 2023-02-28 |
| CVE-2019-13497 json | One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests. | 6.5 - MEDIUM | 2019-11-04 | 2019-11-05 |
| CVE-2019-13496 json | One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One ... | 8.1 - HIGH | 2019-11-04 | 2019-11-05 |
| CVE-2011-1951 json | lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other v... | 4.3 - MEDIUM | 2011-07-11 | 2023-02-13 |
| CVE-2011-0343 json | Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations,... | 6.9 - MEDIUM | 2011-01-28 | 2020-05-19 |
| CVE-2008-5110 json | syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is on... | 9.3 - HIGH | 2008-11-17 | 2021-06-22 |
| CVE-2002-1200 json | Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly tr... | Not Provided | 2002-10-28 | 2025-04-03 |
Known software with vulnerabilities from Oneidentity
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Oneidentity | Cloud Access Manager | - |
| Application | Oneidentity | Password Manager | 5.8 |
| Application | Oneidentity | Syslog-ng | - |