Vulnerabilities > Microfocus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-4692 | Unspecified vulnerability in Microfocus Application Automation Tools Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. | 2.4 |
| 2024-09-12 | CVE-2021-22503 | Cross-site Scripting vulnerability in Microfocus Edirectory Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | 6.1 |
| 2024-09-12 | CVE-2021-22532 | Allocation of Resources Without Limits or Throttling vulnerability in Microfocus Edirectory Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. | 7.5 |
| 2024-09-12 | CVE-2021-22533 | Information Exposure Through Log Files vulnerability in Microfocus Edirectory Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | 9.1 |
| 2024-09-12 | CVE-2021-38131 | Cross-site Scripting vulnerability in Microfocus Edirectory Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. | 6.1 |
| 2024-09-12 | CVE-2021-38132 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Edirectory Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. | 9.8 |
| 2024-09-12 | CVE-2021-38133 | Weak Password Requirements vulnerability in Microfocus Edirectory Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. | 6.5 |
| 2024-08-28 | CVE-2021-22509 | Cleartext Storage of Sensitive Information vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in storing and reusing information in Advance Authentication. | 6.5 |
| 2024-08-28 | CVE-2021-22529 | Unspecified vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. | 5.5 |
| 2024-08-28 | CVE-2021-22530 | Improper Restriction of Excessive Authentication Attempts vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. | 9.9 |