Filtered by vendor Microfocus
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11651 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests. | |||||
CVE-2019-17085 | 1 Microfocus | 1 Operations Agent | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent. | |||||
CVE-2019-11674 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack. | |||||
CVE-2018-19643 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
CVE-2019-3476 | 1 Microfocus | 1 Data Protector | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | |||||
CVE-2019-11646 | 1 Microfocus | 1 Service Manager | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information. | |||||
CVE-2016-1600 | 1 Microfocus | 1 Identity Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | |||||
CVE-2019-11663 | 1 Microfocus | 1 Service Manager | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | |||||
CVE-2018-19644 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
CVE-2016-9166 | 1 Microfocus | 1 Netiq Edirectory | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security. | |||||
CVE-2018-19642 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
CVE-2019-11668 | 1 Microfocus | 3 Service Manager, Service Manager Chat Server, Service Manager Chat Service | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | |||||
CVE-2019-11650 | 1 Microfocus | 1 Netiq Advanced Authentication | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. | |||||
CVE-2019-11661 | 1 Microfocus | 1 Service Manager | 2023-12-10 | 6.5 MEDIUM | 8.3 HIGH |
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. | |||||
CVE-2019-3477 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | |||||
CVE-2019-11654 | 1 Microfocus | 1 Verastream Host Integrator | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | |||||
CVE-2019-11652 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. | |||||
CVE-2019-3493 | 1 Microfocus | 2 Network Automation, Network Operations Management | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution. | |||||
CVE-2019-11647 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack. | |||||
CVE-2019-11653 | 1 Microfocus | 1 Content Manager | 2023-12-10 | 5.5 MEDIUM | 5.4 MEDIUM |
Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request. |