Filtered by vendor Microfocus Subscriptions
Total 241 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-22519 1 Microfocus 1 Sitescope 2024-08-03 9.8 Critical
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow remote attackers to execute arbitrary code on affected installations of SiteScope.
CVE-2021-22507 1 Microfocus 1 Operations Bridge Manager 2024-08-03 9.8 Critical
Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access.
CVE-2021-22505 1 Microfocus 1 Operations Agent 2024-08-03 9.8 Critical
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.
CVE-2021-22522 1 Microfocus 1 Verastream Host Integrator 2024-08-03 7.1 High
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data.
CVE-2021-22499 1 Microfocus 1 Application Performance Management 2024-08-03 4.8 Medium
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack.
CVE-2021-22535 1 Microfocus 1 Netiq Directory And Resource Administrator 2024-08-03 4.9 Medium
Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.
CVE-2021-22521 1 Microfocus 2 Zenworks Configuration Management, Zenworks Endpoint Security Management 2024-08-03 6.7 Medium
A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges.
CVE-2021-22510 1 Microfocus 1 Application Automation Tools 2024-08-03 6.1 Medium
Reflected XSS vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects all version 6.7 and earlier versions.
CVE-2021-22513 1 Microfocus 1 Application Automation Tools 2024-08-03 6.5 Medium
Missing Authorization vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow access without permission checks.
CVE-2021-22496 1 Microfocus 1 Access Manager 2024-08-03 7.5 High
Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage.
CVE-2021-22500 1 Microfocus 1 Application Performance Management 2024-08-03 6.5 Medium
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing.
CVE-2021-22506 1 Microfocus 1 Access Manager 2024-08-03 7.5 High
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
CVE-2021-22525 1 Microfocus 1 Access Manager 2024-08-03 5.5 Medium
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
CVE-2021-22523 1 Microfocus 1 Verastream Host Integrator 2024-08-03 7.6 High
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.
CVE-2021-22512 1 Microfocus 1 Application Automation Tools 2024-08-03 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks.
CVE-2021-22531 1 Microfocus 1 Access Manager 2024-08-03 6.1 Medium
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
CVE-2021-22504 1 Microfocus 1 Operations Bridge Manager 2024-08-03 9.8 Critical
Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.
CVE-2021-22517 1 Microfocus 1 Data Protector 2024-08-03 8.8 High
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data.
CVE-2021-22516 1 Microfocus 1 Secure Api Manager 2024-08-03 7.5 High
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.
CVE-2021-22514 1 Microfocus 1 Application Performance Management 2024-08-03 9.8 Critical
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.