Filtered by vendor Microfocus
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-22531 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0 | |||||
CVE-2022-26325 | 1 Microfocus | 1 Netiq Access Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 | |||||
CVE-2021-38125 | 1 Microfocus | 1 Operations Bridge | 2023-12-10 | 6.8 MEDIUM | 9.8 CRITICAL |
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploited to unauthenticated remote code execution. | |||||
CVE-2022-26326 | 1 Microfocus | 1 Netiq Access Manager | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 | |||||
CVE-2021-38124 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution. | |||||
CVE-2021-38127 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
CVE-2021-22535 | 1 Microfocus | 1 Netiq Directory And Resource Administrator | 2023-12-10 | 2.7 LOW | 4.9 MEDIUM |
Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure. | |||||
CVE-2021-22528 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
CVE-2021-22527 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
CVE-2021-38126 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
CVE-2021-38130 | 1 Microfocus | 1 Voltage Securemail | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack. | |||||
CVE-2021-38129 | 1 Microfocus | 1 Operations Agent | 2023-12-10 | 2.1 LOW | 3.3 LOW |
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Operations Agent. | |||||
CVE-2021-22526 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
CVE-2021-22524 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
CVE-2021-22517 | 1 Microfocus | 1 Data Protector | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data. | |||||
CVE-2021-38123 | 1 Microfocus | 1 Network Automation | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication. | |||||
CVE-2021-22521 | 1 Microfocus | 2 Zenworks Configuration Management, Zenworks Endpoint Security Management | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges. | |||||
CVE-2021-22512 | 1 Microfocus | 1 Application Automation Tools | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks. | |||||
CVE-2020-25840 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction. | |||||
CVE-2021-22505 | 1 Microfocus | 1 Operations Agent | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent. |