Filtered by vendor Microfocus
Subscribe
Total
267 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11842 | 1 Microfocus | 1 Verastream Host Integrator | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view. | |||||
| CVE-2020-11849 | 1 Microfocus | 1 Identity Manager | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access. | |||||
| CVE-2020-11848 | 1 Microfocus | 1 Arcsight Management Center | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service. | |||||
| CVE-2020-11851 | 1 Microfocus | 1 Arcsight Logger | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. | |||||
| CVE-2020-11857 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user | |||||
| CVE-2020-11856 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR. | |||||
| CVE-2020-11853 | 2 Hp, Microfocus | 7 Universal Cmbd Foundation, Application Performance Management, Data Center Automation and 4 more | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code. | |||||
| CVE-2020-11839 | 1 Microfocus | 1 Arcsight Logger | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | |||||
| CVE-2020-11852 | 1 Microfocus | 1 Secure Messaging Gateway | 2023-11-07 | 9.0 HIGH | 8.8 HIGH |
| DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command. | |||||
| CVE-2020-11841 | 1 Microfocus | 1 Arcsight Management Center | 2023-11-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. | |||||
| CVE-2020-11854 | 1 Microfocus | 4 Application Performance Management, Operations Bridge, Operations Bridge Manager and 1 more | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution. | |||||
| CVE-2020-11861 | 1 Microfocus | 1 Operations Agent | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system. | |||||
| CVE-2020-11855 | 1 Microfocus | 1 Operation Bridge Reporter | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges. | |||||
| CVE-2020-11860 | 1 Microfocus | 1 Arcsight Logger | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) | |||||
| CVE-2019-3489 | 1 Microfocus | 1 Content Manager | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server. | |||||
| CVE-2019-3474 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | |||||
| CVE-2019-3477 | 1 Microfocus | 1 Solutions Business Manager | 2023-11-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | |||||
| CVE-2019-3490 | 1 Microfocus | 1 Open Enterprise Server | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and OES2018SP1. Older versions may be affected but were not tested as they are out of support. | |||||
| CVE-2019-3475 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | |||||
| CVE-2019-3493 | 1 Microfocus | 2 Network Automation, Network Operations Management | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution. | |||||