Filtered by vendor Microfocus
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-18944 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.3 LOW | 4.8 MEDIUM |
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | |||||
CVE-2021-22502 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. | |||||
CVE-2020-11854 | 1 Microfocus | 4 Application Performance Management, Operations Bridge, Operations Bridge Manager and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution. | |||||
CVE-2020-25832 | 1 Microfocus | 1 Filr | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack. | |||||
CVE-2019-18945 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.2 MEDIUM | 8.0 HIGH |
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | |||||
CVE-2019-18947 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.7 LOW | 3.5 LOW |
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | |||||
CVE-2020-11855 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges. | |||||
CVE-2020-11856 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | |||||
CVE-2020-11858 | 1 Microfocus | 2 Operations Bridge, Operations Bridge Manager | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges. | |||||
CVE-2019-18943 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.2 MEDIUM | 8.0 HIGH |
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | |||||
CVE-2020-25837 | 1 Microfocus | 1 Self Service Password Reset | 2023-12-10 | 4.3 MEDIUM | 7.5 HIGH |
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information. | |||||
CVE-2019-18942 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.3 LOW | 4.8 MEDIUM |
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | |||||
CVE-2020-25834 | 1 Microfocus | 1 Arcsight Logger | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
CVE-2020-11857 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user | |||||
CVE-2020-25838 | 1 Microfocus | 1 Filr | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. Affecting all 3.x and 4.x versions. The vulnerability could be exploited to disclose unauthorized sensitive information. | |||||
CVE-2020-11861 | 1 Microfocus | 1 Operations Agent | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system. | |||||
CVE-2020-11853 | 2 Hp, Microfocus | 7 Universal Cmbd Foundation, Application Performance Management, Data Center Automation and 4 more | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code. | |||||
CVE-2021-22500 | 1 Microfocus | 1 Application Performance Management | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing. | |||||
CVE-2021-22499 | 1 Microfocus | 1 Application Performance Management | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. | |||||
CVE-2020-11860 | 1 Microfocus | 1 Arcsight Logger | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) |