Vulnerabilities > Microfocus > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2020-11847 OS Command Injection vulnerability in Microfocus Netiq Privileged Access Manager 3.7
SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash.
local
low complexity
microfocus CWE-78
7.8
7.8
2024-05-28 CVE-2024-4429 Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Imanager 3.2.6
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-352
7.4
7.4
2024-05-15 CVE-2024-3485 Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager 3.2.6
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-918
7.5
7.5
2024-05-15 CVE-2024-3970 Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager 3.2.6
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-918
7.5
7.5
2023-12-06 CVE-2023-32268 Insufficiently Protected Credentials vulnerability in Microfocus Filr
Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators.
network
low complexity
microfocus CWE-522
7.2
7.2
2023-08-11 CVE-2023-32267 Unspecified vulnerability in Microfocus Arcsight Management Center
A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center.
network
low complexity
microfocus
8.8
8.8
2022-12-23 CVE-2022-38757 Improper Privilege Management vulnerability in Microfocus Zenworks 2020
A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions.
network
low complexity
microfocus CWE-269
7.2
7.2
2022-08-31 CVE-2022-26330 Unspecified vulnerability in Microfocus Arcsight Logger
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger.
network
low complexity
microfocus
7.5
7.5
2021-09-13 CVE-2021-22527 Unspecified vulnerability in Microfocus Access Manager 5.0
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
network
low complexity
microfocus
7.5
7.5
2021-08-05 CVE-2021-22517 Unspecified vulnerability in Microfocus Data Protector
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector.
network
low complexity
microfocus
8.8
8.8