Vulnerabilities > Microfocus

DATE CVE VULNERABILITY TITLE RISK
2019-09-10 CVE-2019-11669 Unspecified vulnerability in Microfocus Service Manager 9.60/9.61/9.62
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62.
network
low complexity
microfocus
7.5
2019-09-10 CVE-2019-11668 Unspecified vulnerability in Microfocus products
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
network
low complexity
microfocus
7.5
2019-08-30 CVE-2019-11658 Information Exposure vulnerability in Microfocus Content Manager 9.1/9.2/9.3
Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3.
network
low complexity
microfocus CWE-200
4.3
2019-08-23 CVE-2019-11654 Path Traversal vulnerability in Microfocus Verastream Host Integrator 7.5/7.6/7.7
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files.
network
low complexity
microfocus CWE-22
7.5
2019-08-14 CVE-2019-11652 Unspecified vulnerability in Microfocus Netiq Self Service Password Reset
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6.
network
low complexity
microfocus
critical
9.8
2019-08-07 CVE-2019-11653 Unspecified vulnerability in Microfocus Content Manager 9.1.0/9.2.0/9.3.0
Remote Access Control Bypass in Micro Focus Content Manager.
network
low complexity
microfocus
5.4
2019-07-10 CVE-2019-11650 Unspecified vulnerability in Microfocus Netiq Advanced Authentication
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.
network
high complexity
microfocus
5.9
2019-06-24 CVE-2019-11647 Cross-site Scripting vulnerability in Microfocus Netiq Self Service Password Reset
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4.
network
low complexity
microfocus CWE-79
6.1
2019-06-19 CVE-2019-11649 Cross-site Scripting vulnerability in Microfocus Fortify Software Security Center 17.20/18.10/18.20
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center.
network
low complexity
microfocus CWE-79
5.4
2019-06-07 CVE-2019-3477 Open Redirect vulnerability in Microfocus Solutions Business Manager
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect.
network
low complexity
microfocus CWE-601
6.1