📦

edirectory

Vendor: netiq

Actively Exploited 0 CISA KEV List

PoC / Exploits 9 Code Available

Total RCEs 14 Remote Access

Total CVEs 21 Total Indexed

Avg. EPSS 12.02% Exploit Prob.

Latest CVE CVE-2019-25675 Apr 05

Security Vulnerability Index

Page 1 / 3

8.8 CVSS

CVE-2019-25675

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.

EPSS: 0.16%

Severity: HIGH

Apr 05, 2026

7.4 CVSS

CVE-2021-38133

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.

EPSS: 0.30%

Severity: HIGH

Sep 12, 2024

5.3 CVSS

CVE-2021-38132

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.

EPSS: 0.12%

Severity: MEDIUM

Sep 12, 2024

5.4 CVSS

CVE-2021-38131

Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.

EPSS: 0.21%

Severity: MEDIUM

Sep 12, 2024

6.5 CVSS

CVE-2021-22533

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000.

EPSS: 0.13%

Severity: MEDIUM

Sep 12, 2024

7.6 CVSS

CVE-2021-22532

RCE

Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.

EPSS: 0.40%

Severity: HIGH

Sep 12, 2024

5.4 CVSS

CVE-2021-22503

Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.

EPSS: 0.21%

Severity: MEDIUM

Sep 12, 2024

6.1 CVSS

CVE-2018-17952

Cross site scripting vulnerability in eDirectory prior to 9.1 SP2

EPSS: 0.24%

Severity: MEDIUM

Dec 12, 2018

7.5 CVSS

CVE-2018-17950

Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2

EPSS: 0.20%

Severity: HIGH

Dec 12, 2018

6.1 CVSS

CVE-2018-7692

Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.

EPSS: 0.20%

Severity: MEDIUM

Aug 09, 2018

Displaying 10 of 21 Total Entries

1 2 3

Total 3 Sections