Filtered by vendor Microfocus
Subscriptions
Total
221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11844 | 1 Microfocus | 1 Service Management Automation | 2023-11-07 | 9.8 Critical |
| Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation. | ||||
| CVE-2020-11842 | 1 Microfocus | 1 Verastream Host Integrator | 2023-11-07 | 7.5 High |
| Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view. | ||||
| CVE-2020-11841 | 1 Microfocus | 1 Arcsight Management Center | 2023-11-07 | 4.3 Medium |
| Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. | ||||
| CVE-2020-11840 | 1 Microfocus | 1 Arcsight Management Center | 2023-11-07 | 4.3 Medium |
| Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. | ||||
| CVE-2020-11839 | 1 Microfocus | 1 Arcsight Logger | 2023-11-07 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | ||||
| CVE-2020-11838 | 1 Microfocus | 1 Arcsight Management Center | 2023-11-07 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | ||||
| CVE-2019-3493 | 1 Microfocus | 2 Network Automation, Network Operations Management | 2023-11-07 | N/A |
| A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution. | ||||
| CVE-2019-3490 | 1 Microfocus | 1 Open Enterprise Server | 2023-11-07 | N/A |
| A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and OES2018SP1. Older versions may be affected but were not tested as they are out of support. | ||||
| CVE-2019-3489 | 1 Microfocus | 1 Content Manager | 2023-11-07 | N/A |
| An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server. | ||||
| CVE-2019-3477 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | N/A |
| Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | ||||
| CVE-2019-3476 | 1 Microfocus | 1 Data Protector | 2023-11-07 | N/A |
| Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | ||||
| CVE-2019-3475 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2023-11-07 | 7.8 High |
| A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | ||||
| CVE-2019-3474 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2023-11-07 | N/A |
| A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | ||||
| CVE-2019-18947 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 3.5 Low |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | ||||
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 4.8 Medium |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | ||||
| CVE-2019-18945 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 8.0 High |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | ||||
| CVE-2019-18944 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 4.8 Medium |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | ||||
| CVE-2019-18943 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 8.0 High |
| Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | ||||
| CVE-2019-18942 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 4.8 Medium |
| Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | ||||
| CVE-2019-17087 | 1 Microfocus | 1 Acutoweb | 2023-11-07 | 7.5 High |
| Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under. | ||||