Filtered by vendor Microfocus
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-22519 | 1 Microfocus | 1 Sitescope | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow remote attackers to execute arbitrary code on affected installations of SiteScope. | |||||
CVE-2021-22525 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | |||||
CVE-2021-22513 | 1 Microfocus | 1 Application Automation Tools | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Missing Authorization vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow access without permission checks. | |||||
CVE-2021-22507 | 1 Microfocus | 1 Operations Bridge Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access. | |||||
CVE-2021-22510 | 1 Microfocus | 1 Application Automation Tools | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected XSS vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects all version 6.7 and earlier versions. | |||||
CVE-2021-22514 | 1 Microfocus | 1 Application Performance Management | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM. | |||||
CVE-2021-22497 | 1 Microfocus | 1 Netiq Advanced Authentication | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | |||||
CVE-2021-22516 | 1 Microfocus | 1 Secure Api Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file. | |||||
CVE-2021-22506 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. | |||||
CVE-2021-22515 | 1 Microfocus | 1 Netiq Advanced Authentication | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | |||||
CVE-2021-22511 | 1 Microfocus | 1 Application Automation Tools | 2023-12-10 | 6.4 MEDIUM | 6.5 MEDIUM |
Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates. | |||||
CVE-2021-22522 | 1 Microfocus | 1 Verastream Host Integrator | 2023-12-10 | 6.8 MEDIUM | 7.1 HIGH |
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. | |||||
CVE-2021-22523 | 1 Microfocus | 1 Verastream Host Integrator | 2023-12-10 | 6.8 MEDIUM | 7.6 HIGH |
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. | |||||
CVE-2020-11851 | 1 Microfocus | 1 Arcsight Logger | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. | |||||
CVE-2020-25839 | 1 Microfocus | 1 Identity Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1. | |||||
CVE-2021-22496 | 1 Microfocus | 1 Access Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. | |||||
CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 3.8 LOW | 4.8 MEDIUM |
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | |||||
CVE-2021-22504 | 1 Microfocus | 1 Operations Bridge Manager | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. | |||||
CVE-2021-22498 | 1 Microfocus | 1 Application Lifecycle Management | 2023-12-10 | 5.5 MEDIUM | 8.1 HIGH |
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection. | |||||
CVE-2020-25833 | 1 Microfocus | 1 Idol | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack. |