Vulnerabilities > Microfocus
|2022-12-23||CVE-2022-38757|| Improper Privilege Management vulnerability in Microfocus Zenworks 2020 |
A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions.
low complexitymicrofocus CWE-269
| 7.2 |
|2022-12-16||CVE-2022-38756|| Information Exposure Through Log Files vulnerability in Microfocus Groupwise |
A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2.
low complexitymicrofocus CWE-532
| 4.3 |
|2022-12-08||CVE-2022-38754|| Cross-site Scripting vulnerability in Microfocus Operations Bridge and Operations Bridge Manager |
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized.
low complexitymicrofocus CWE-79
| 5.4 |
|2022-11-28||CVE-2022-38753|| Improper Authentication vulnerability in Microfocus Netiq Advanced Authentication |
This update resolves a multi-factor authentication bypass attack
low complexitymicrofocus CWE-287
| 6.3 |
|2022-11-21||CVE-2022-38755|| Unspecified vulnerability in Microfocus Filr |
A vulnerability has been identified in Micro Focus Filr in versions prior to 18.104.22.168.
| 5.3 |
|2022-05-12||CVE-2021-22531|| Cross-site Scripting vulnerability in Microfocus Access Manager 4.5/5.0 |
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability.
| 4.3 |
|2022-05-02||CVE-2022-26325|| Cross-site Scripting vulnerability in Microfocus Netiq Access Manager |
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2
| 4.3 |
|2022-05-02||CVE-2022-26326|| Open Redirect vulnerability in Microfocus Netiq Access Manager |
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
| 5.8 |
|2022-04-11||CVE-2021-38125|| Unspecified vulnerability in Microfocus Operations Bridge 2021.05/2021.08 |
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08.
| 6.8 |
|2022-02-04||CVE-2021-38130|| Exposure of Resource to Wrong Sphere vulnerability in Microfocus Voltage Securemail |
A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 22.214.171.124.
low complexitymicrofocus CWE-668
| 4.0 |