Filtered by vendor Microfocus
Subscriptions
Total
241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22497 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-16 | 3.8 Low |
| Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | ||||
| CVE-2021-22526 | 1 Microfocus | 1 Access Manager | 2024-09-16 | 4.9 Medium |
| Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | ||||
| CVE-2018-17948 | 1 Microfocus | 1 Access Manager | 2024-09-16 | N/A |
| An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3. | ||||
| CVE-2018-6504 | 1 Microfocus | 1 Arcsight Management Center | 2024-09-16 | 8.8 High |
| A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Cross-Site Request Forgery (CSRF). | ||||
| CVE-2018-19641 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-16 | N/A |
| Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | ||||
| CVE-2018-7691 | 1 Microfocus | 1 Fortify Software Security Center | 2024-09-16 | N/A |
| A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | ||||
| CVE-2019-18946 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-16 | 4.8 Medium |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | ||||
| CVE-2012-5930 | 1 Microfocus | 1 Privileged User Manager | 2024-09-16 | N/A |
| The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request. | ||||
| CVE-2017-7423 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2024-09-16 | N/A |
| A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes creating new privileged credentials, resulting in privilege elevation (CWE-275). Note esfadmingui is not enabled by default. | ||||
| CVE-2018-6495 | 1 Microfocus | 3 Cms Server, Universal Cmdb, Universal Cmdb Browser | 2024-09-16 | 5.4 Medium |
| Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). | ||||
| CVE-2019-18947 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-16 | 3.5 Low |
| Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | ||||
| CVE-2018-12480 | 1 Microfocus | 1 Access Manager | 2024-09-16 | N/A |
| Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. | ||||
| CVE-2018-6486 | 1 Microfocus | 2 Fortify Audit Workbench, Fortify Software Security Center | 2024-09-16 | N/A |
| XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. This vulnerability could be exploited to allow a XML External Entity (XXE) injection. | ||||
| CVE-2023-24468 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 9.8 Critical |
| Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | ||||
| CVE-2021-22509 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 8.1 High |
| A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1 | ||||
| CVE-2021-38120 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 5.1 Medium |
| A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1. | ||||
| CVE-2021-38121 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 8.3 High |
| Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1 | ||||
| CVE-2021-38122 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 6.2 Medium |
| A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1 | ||||
| CVE-2021-22529 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 6.3 Medium |
| A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1 | ||||
| CVE-2021-22530 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 8.2 High |
| A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1 | ||||