Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-28	CVE-2024-4555	Improper Privilege Management vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 network low complexity microfocus CWE-269	7.5
2024-08-28	CVE-2024-4556	Path Traversal vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. network low complexity microfocus CWE-22	7.5
2024-08-21	CVE-2020-11846	Unspecified vulnerability in Microfocus Netiq Privileged Access Manager 3.7 A vulnerability found in OpenText Privileged Access Manager that issues a token. network low complexity microfocus	7.5
2024-08-21	CVE-2020-11847	OS Command Injection vulnerability in Microfocus Netiq Privileged Access Manager 3.7 SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. local low complexity microfocus CWE-78	7.8
2024-08-21	CVE-2020-11850	Cross-site Scripting vulnerability in Microfocus Netiq Self Service Password Reset Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6 network low complexity microfocus CWE-79	6.1
2023-12-09	CVE-2020-25835	Cross-site Scripting vulnerability in Microfocus Arcsight Management Center A potential vulnerability has been identified in Micro Focus ArcSight Management Center. network low complexity microfocus CWE-79	5.4
2023-12-06	CVE-2023-32268	Insufficiently Protected Credentials vulnerability in Microfocus Filr Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators. network low complexity microfocus CWE-522	7.2
2023-11-08	CVE-2023-5913	Unspecified vulnerability in Microfocus Fortify Scancentral Dast Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. network low complexity microfocus critical	9.8
2023-10-30	CVE-2023-4964	Open Redirect vulnerability in Microfocus products Potential open redirect vulnerability in opentext Service Management Automation X (SMAX) versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. network low complexity microfocus CWE-601	6.1
2023-09-12	CVE-2023-4501	Improper Authentication vulnerability in Microfocus products User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and 9.0 patch update 1, when LDAP-based authentication is used with certain configurations. network low complexity microfocus CWE-287 critical	9.8

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus