Filtered by vendor Microfocus
Subscribe
Total
263 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22523 | 1 Microfocus | 1 Verastream Host Integrator | 2024-11-21 | 6.8 MEDIUM | 7.6 HIGH |
| XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. | |||||
| CVE-2021-22522 | 1 Microfocus | 1 Verastream Host Integrator | 2024-11-21 | 6.8 MEDIUM | 7.1 HIGH |
| Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. | |||||
| CVE-2021-22521 | 1 Microfocus | 2 Zenworks Configuration Management, Zenworks Endpoint Security Management | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges. | |||||
| CVE-2021-22519 | 1 Microfocus | 1 Sitescope | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow remote attackers to execute arbitrary code on affected installations of SiteScope. | |||||
| CVE-2021-22517 | 1 Microfocus | 1 Data Protector | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data. | |||||
| CVE-2021-22516 | 1 Microfocus | 1 Secure Api Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file. | |||||
| CVE-2021-22515 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-11-21 | 4.0 MEDIUM | 4.8 MEDIUM |
| Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | |||||
| CVE-2021-22514 | 1 Microfocus | 1 Application Performance Management | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM. | |||||
| CVE-2021-22513 | 1 Microfocus | 1 Application Automation Tools | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow access without permission checks. | |||||
| CVE-2021-22512 | 1 Microfocus | 1 Application Automation Tools | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks. | |||||
| CVE-2021-22511 | 1 Microfocus | 1 Application Automation Tools | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates. | |||||
| CVE-2021-22510 | 1 Microfocus | 1 Application Automation Tools | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects all version 6.7 and earlier versions. | |||||
| CVE-2021-22507 | 1 Microfocus | 1 Operations Bridge Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access. | |||||
| CVE-2021-22505 | 1 Microfocus | 1 Operations Agent | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent. | |||||
| CVE-2021-22504 | 1 Microfocus | 1 Operations Bridge Manager | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. | |||||
| CVE-2021-22500 | 1 Microfocus | 1 Application Performance Management | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing. | |||||
| CVE-2021-22499 | 1 Microfocus | 1 Application Performance Management | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. | |||||
| CVE-2021-22498 | 1 Microfocus | 1 Application Lifecycle Management | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection. | |||||
| CVE-2021-22497 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-11-21 | 6.5 MEDIUM | 3.8 LOW |
| Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | |||||
| CVE-2021-22496 | 1 Microfocus | 1 Access Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. | |||||