Vulnerabilities in Micro Focus

127 results
CVE-2018-1343 (EPSS 1.4%): PAM exposure enabling unauthenticated access to remote host
CVE-2018-6502 [MEDIUM] (EPSS 1.3%): MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
CVE-2017-7421 (EPSS 1.3%): Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) an
CVE-2017-14357 (EPSS 1.3%): A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to
CVE-2018-6486 [HIGH] (EPSS 1.2%): MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection
CVE-2017-14358 (EPSS 1.2%): A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4
CVE-2018-1342 (EPSS 1.2%): A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This i
CVE-2018-6494 [MEDIUM] (EPSS 1.2%): MFSBGN03807 rev.1 - HP Service Manager Software, Multiple Vulnerabilities
CVE-2019-11666 (EPSS 1.2%): Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9
CVE-2017-9283 (EPSS 1.2%): An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for fur
CVE-2017-9282 (EPSS 1.2%): An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus Vi
CVE-2019-3485 [MEDIUM] (EPSS 1.1%): ArcSight Logger stored cross site script issue in version prior to 6.7.1
CVE-2018-6503 [MEDIUM] (EPSS 1.1%): MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
CVE-2018-7683 (EPSS 1.1%): Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.
CVE-2019-11648 (EPSS 1.1%): An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability
CVE-2019-11665 (EPSS 1.1%): Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61,
CVE-2019-11667 (EPSS 1.1%): Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerabil
CVE-2018-12469 (EPSS 1.1%): Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Mi
CVE-2017-14361 [HIGH] (EPSS 1.0%): MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities
CVE-2018-18590 [CRITICAL] (EPSS 1.0%): MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution