Filtered by vendor Microfocus
Subscribe
Total
235 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22521 | 1 Microfocus | 2 Zenworks Configuration Management, Zenworks Endpoint Security Management | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges. | |||||
| CVE-2020-25840 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction. | |||||
| CVE-2021-22517 | 1 Microfocus | 1 Data Protector | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data. | |||||
| CVE-2021-22497 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
| Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | |||||
| CVE-2021-22510 | 1 Microfocus | 1 Application Automation Tools | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects all version 6.7 and earlier versions. | |||||
| CVE-2021-22525 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | |||||
| CVE-2021-38123 | 1 Microfocus | 1 Network Automation | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication. | |||||
| CVE-2020-25838 | 1 Microfocus | 1 Filr | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. Affecting all 3.x and 4.x versions. The vulnerability could be exploited to disclose unauthorized sensitive information. | |||||
| CVE-2019-18947 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-04 | 2.7 LOW | 3.5 LOW |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | |||||
| CVE-2021-22496 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. | |||||
| CVE-2020-11856 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | |||||
| CVE-2020-11861 | 1 Microfocus | 1 Operations Agent | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system. | |||||
| CVE-2021-22500 | 1 Microfocus | 1 Application Performance Management | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing. | |||||
| CVE-2021-22499 | 1 Microfocus | 1 Application Performance Management | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. | |||||
| CVE-2020-25832 | 1 Microfocus | 1 Filr | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack. | |||||
| CVE-2020-11851 | 1 Microfocus | 1 Arcsight Logger | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. | |||||
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-04 | 3.8 LOW | 4.8 MEDIUM |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | |||||
| CVE-2019-18945 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | |||||
| CVE-2020-11855 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges. | |||||
| CVE-2020-11854 | 1 Microfocus | 4 Application Performance Management, Operations Bridge, Operations Bridge Manager and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution. | |||||