Vulnerabilities > Microfocus

DATE CVE VULNERABILITY TITLE RISK
2024-10-16 CVE-2024-4692 Unspecified vulnerability in Microfocus Application Automation Tools
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools.
network
low complexity
microfocus
2.4
2024-09-12 CVE-2021-22503 Cross-site Scripting vulnerability in Microfocus Edirectory
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.
network
low complexity
microfocus CWE-79
6.1
2024-09-12 CVE-2021-22532 Allocation of Resources Without Limits or Throttling vulnerability in Microfocus Edirectory
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
network
low complexity
microfocus CWE-770
7.5
2024-09-12 CVE-2021-22533 Information Exposure Through Log Files vulnerability in Microfocus Edirectory
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000.
network
low complexity
microfocus CWE-532
critical
9.1
2024-09-12 CVE-2021-38131 Cross-site Scripting vulnerability in Microfocus Edirectory
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.
network
low complexity
microfocus CWE-79
6.1
2024-09-12 CVE-2021-38132 Server-Side Request Forgery (SSRF) vulnerability in Microfocus Edirectory
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory.
network
low complexity
microfocus CWE-918
critical
9.8
2024-09-12 CVE-2021-38133 Weak Password Requirements vulnerability in Microfocus Edirectory
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory.
network
low complexity
microfocus CWE-521
6.5
2024-08-28 CVE-2021-22509 Cleartext Storage of Sensitive Information vulnerability in Microfocus Netiq Advanced Authentication
A vulnerability identified in storing and reusing information in Advance Authentication.
network
low complexity
microfocus CWE-312
6.5
2024-08-28 CVE-2021-22529 Unspecified vulnerability in Microfocus Netiq Advanced Authentication
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information.
local
low complexity
microfocus
5.5
2024-08-28 CVE-2021-22530 Improper Restriction of Excessive Authentication Attempts vulnerability in Microfocus Netiq Advanced Authentication
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login.
network
low complexity
microfocus CWE-307
critical
9.9