Vulnerabilities > Microfocus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2019-18946 | Session Fixation vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | 4.8 |
| 2021-02-26 | CVE-2019-18945 | Unspecified vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. low complexity microfocus | 8.0 |
| 2021-02-26 | CVE-2019-18944 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | 4.8 |
| 2021-02-26 | CVE-2019-18943 | XXE vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | 8.0 |
| 2021-02-26 | CVE-2019-18942 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. | 4.8 |
| 2021-02-12 | CVE-2021-22504 | Unspecified vulnerability in Microfocus Operations Bridge Manager Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. | 9.8 |
| 2021-02-08 | CVE-2021-22502 | OS Command Injection vulnerability in Microfocus Operation Bridge Reporter 10.40 Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. | 9.8 |
| 2021-02-06 | CVE-2021-22500 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Application Performance Management 9.40/9.50/9.51 Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. | 6.5 |
| 2021-02-06 | CVE-2021-22499 | Cross-site Scripting vulnerability in Microfocus Application Performance Management 9.40/9.50/9.51 Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. | 4.8 |
| 2021-01-19 | CVE-2021-22498 | XXE vulnerability in Microfocus Application Lifecycle Management XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. | 8.1 |