Vulnerabilities > Microfocus

DATE CVE VULNERABILITY TITLE RISK
2021-09-02 CVE-2021-22525 Unspecified vulnerability in Microfocus Access Manager
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
local
low complexity
microfocus
2.1
2021-08-05 CVE-2021-22517 Unspecified vulnerability in Microfocus Data Protector
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector.
network
low complexity
microfocus
6.5
2021-07-30 CVE-2021-22521 Incorrect Authorization vulnerability in Microfocus products
A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions.
local
low complexity
microfocus CWE-863
7.2
2021-07-22 CVE-2021-22522 Cross-site Scripting vulnerability in Microfocus Verastream Host Integrator
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions.
network
microfocus CWE-79
6.8
2021-07-22 CVE-2021-22523 XXE vulnerability in Microfocus Verastream Host Integrator
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions.
6.8
2021-07-12 CVE-2021-22515 Incorrect Authorization vulnerability in Microfocus Netiq Advanced Authentication
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.
network
low complexity
microfocus CWE-863
4.0
2021-06-04 CVE-2021-22516 Information Exposure Through Log Files vulnerability in Microfocus Secure API Manager 2.0.0
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0.
network
low complexity
microfocus CWE-532
5.0
2021-05-28 CVE-2021-22519 Unspecified vulnerability in Microfocus Sitescope
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93).
network
low complexity
microfocus
7.5
2021-04-28 CVE-2021-22514 Unspecified vulnerability in Microfocus Application Performance Management 9.40/9.50/9.51
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51.
network
low complexity
microfocus
7.5
2021-04-13 CVE-2021-22505 Unspecified vulnerability in Microfocus Operations Agent
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15.
network
low complexity
microfocus
7.5