Filtered by vendor Microfocus
Subscribe
Total
234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22514 | 1 Microfocus | 1 Application Performance Management | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM. | |||||
| CVE-2021-22512 | 1 Microfocus | 1 Application Automation Tools | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks. | |||||
| CVE-2021-22507 | 1 Microfocus | 1 Operations Bridge Manager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access. | |||||
| CVE-2021-22505 | 1 Microfocus | 1 Operations Agent | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent. | |||||
| CVE-2021-22515 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | |||||
| CVE-2021-22497 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | |||||
| CVE-2020-11851 | 1 Microfocus | 1 Arcsight Logger | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. | |||||
| CVE-2021-22496 | 1 Microfocus | 1 Access Manager | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. | |||||
| CVE-2020-11860 | 1 Microfocus | 1 Arcsight Logger | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) | |||||
| CVE-2021-22504 | 1 Microfocus | 1 Operations Bridge Manager | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. | |||||
| CVE-2020-11853 | 2 Hp, Microfocus | 7 Universal Cmbd Foundation, Application Performance Management, Data Center Automation and 4 more | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code. | |||||
| CVE-2020-25837 | 1 Microfocus | 1 Self Service Password Reset | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
| Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information. | |||||
| CVE-2020-25839 | 1 Microfocus | 1 Identity Manager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1. | |||||
| CVE-2020-25834 | 1 Microfocus | 1 Arcsight Logger | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
| CVE-2019-18942 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-28 | 2.3 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | |||||
| CVE-2020-25838 | 1 Microfocus | 1 Filr | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. Affecting all 3.x and 4.x versions. The vulnerability could be exploited to disclose unauthorized sensitive information. | |||||
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-28 | 3.8 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | |||||
| CVE-2020-11856 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | |||||
| CVE-2019-18945 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-28 | 5.2 MEDIUM | 8.0 HIGH |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | |||||
| CVE-2020-25832 | 1 Microfocus | 1 Filr | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack. | |||||