Vulnerabilities > Microfocus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-09 | CVE-2020-25835 | Cross-site Scripting vulnerability in Microfocus Arcsight Management Center A potential vulnerability has been identified in Micro Focus ArcSight Management Center. | 5.4 |
| 2023-12-06 | CVE-2023-32268 | Insufficiently Protected Credentials vulnerability in Microfocus Filr Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators. | 7.2 |
| 2023-11-08 | CVE-2023-5913 | Unspecified vulnerability in Microfocus Fortify Scancentral Dast Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. | 9.8 |
| 2023-10-30 | CVE-2023-4964 | Open Redirect vulnerability in Microfocus products Potential open redirect vulnerability in opentext Service Management Automation X (SMAX) versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. | 6.1 |
| 2023-09-12 | CVE-2023-4501 | Improper Authentication vulnerability in Microfocus products User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and 9.0 patch update 1, when LDAP-based authentication is used with certain configurations. | 9.8 |
| 2023-08-11 | CVE-2023-32267 | Unspecified vulnerability in Microfocus Arcsight Management Center A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. | 8.8 |
| 2023-07-20 | CVE-2023-32265 | Unspecified vulnerability in Microfocus products A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability. | 6.5 |
| 2023-07-19 | CVE-2023-32261 | Unspecified vulnerability in Microfocus Dimensions CM A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. | 6.5 |
| 2023-07-19 | CVE-2023-32262 | Unspecified vulnerability in Microfocus Dimensions CM A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. | 6.5 |
| 2023-07-19 | CVE-2023-32263 | Unspecified vulnerability in Microfocus Dimensions CM A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. | 5.7 |