Vulnerabilities > Microfocus

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2020-03-16 | CVE-2020-9518 | Unspecified vulnerability in Microfocus Service Manager | Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | network, low complexity, microfocus, 5.3 |
| 2020-03-16 | CVE-2020-9519 | Unspecified vulnerability in Microfocus Service Manager | HTTP methods revealed in Web services vulnerability in Micro Focus Service Manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. | network, low complexity, microfocus, 5.3 |
| 2020-03-09 | CVE-2020-9517 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Microfocus Service Manager 9.50/9.60 | There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. | network, low complexity, microfocus, CWE-1021, 5.4 |
| 2019-12-17 | CVE-2019-11657 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Logger 6.61 | Cross-Site Request Forgery vulnerability in Micro Focus ArcSight Logger, affecting all product versions below version 7.0. | network, low complexity, microfocus, CWE-352, 8.8 |
| 2019-12-11 | CVE-2019-17087 | Unspecified vulnerability in Microfocus Acutoweb | Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. | network, low complexity, microfocus, 7.5 |
| 2019-11-18 | CVE-2019-17085 | XXE vulnerability in Microfocus Operations Agent | XXE attack vulnerability in Micro Focus Operations Agent, affecting versions 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. | network, low complexity, microfocus, CWE-611, 6.5 |
| 2019-10-22 | CVE-2019-11674 | Improper Certificate Validation vulnerability in Microfocus Netiq Self Service Password Reset | Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. | network, high complexity, microfocus, CWE-295, 5.9 |
| 2019-10-02 | CVE-2019-11651 | Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server | Reflected XSS in Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. | network, low complexity, microfocus, CWE-79, 6.1 |
| 2019-09-18 | CVE-2019-11664 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager | Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | network, low complexity, microfocus, CWE-522, 6.5 |
| 2019-09-18 | CVE-2019-11663 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager | Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | network, low complexity, microfocus, CWE-522, 6.5 |