Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 3.8 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | |||||
| CVE-2019-18944 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.3 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | |||||
| CVE-2019-18945 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.2 MEDIUM | 8.0 HIGH |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | |||||
| CVE-2019-18947 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.7 LOW | 3.5 LOW |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | |||||
| CVE-2019-18943 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.2 MEDIUM | 8.0 HIGH |
| Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | |||||
| CVE-2019-18942 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 2.3 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | |||||
| CVE-2018-19643 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-19644 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-19642 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2019-3477 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | |||||
| CVE-2018-19641 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-19645 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-7681 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system. | |||||
| CVE-2018-7680 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. | |||||
| CVE-2018-7682 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. | |||||
| CVE-2018-7679 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution. | |||||
| CVE-2018-7683 | 1 Microfocus | 1 Solutions Business Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. | |||||