Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-15	CVE-2024-3486	XXE vulnerability in Microfocus Imanager XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. network low complexity microfocus CWE-611 critical	9.8
2024-05-15	CVE-2024-3487	Improper Authentication vulnerability in Microfocus Imanager Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication. network low complexity microfocus CWE-287 critical	9.8
2024-05-15	CVE-2024-3488	Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Imanager File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication. network low complexity microfocus CWE-434 critical	9.8
2024-05-15	CVE-2024-3967	Deserialization of Untrusted Data vulnerability in Microfocus Imanager Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization. network low complexity microfocus CWE-502 critical	9.8
2024-05-15	CVE-2024-3968	Unspecified vulnerability in Microfocus Imanager Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task. network low complexity microfocus critical	9.8
2024-05-15	CVE-2024-3970	Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. network low complexity microfocus CWE-918	7.5
2024-02-15	CVE-2024-0622	Unspecified vulnerability in Microfocus Operations Agent 12.15/12.20/12.21 Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. local low complexity microfocus	7.8
2023-12-09	CVE-2020-25835	Cross-site Scripting vulnerability in Microfocus Arcsight Management Center A potential vulnerability has been identified in Micro Focus ArcSight Management Center. network low complexity microfocus CWE-79	5.4
2023-12-06	CVE-2023-32268	Insufficiently Protected Credentials vulnerability in Microfocus Filr Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators. network low complexity microfocus CWE-522	7.2
2023-11-08	CVE-2023-5913	Unspecified vulnerability in Microfocus Fortify Scancentral Dast Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. network low complexity microfocus critical	9.8

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus