Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-28 | CVE-2024-4556 | Path Traversal vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | 7.5 |
| 2024-08-21 | CVE-2020-11846 | Unspecified vulnerability in Microfocus Netiq Privileged Access Manager 3.7 A vulnerability found in OpenText Privileged Access Manager that issues a token. | 7.5 |
| 2024-08-21 | CVE-2020-11847 | OS Command Injection vulnerability in Microfocus Netiq Privileged Access Manager 3.7 SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. | 7.8 |
| 2024-05-28 | CVE-2024-4429 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Imanager Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.4 |
| 2024-05-15 | CVE-2024-3485 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.5 |
| 2024-05-15 | CVE-2024-3970 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.5 |
| 2024-02-15 | CVE-2024-0622 | Unspecified vulnerability in Microfocus Operations Agent 12.15/12.20/12.21 Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. | 7.8 |
| 2023-12-06 | CVE-2023-32268 | Insufficiently Protected Credentials vulnerability in Microfocus Filr Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators. | 7.2 |
| 2023-08-11 | CVE-2023-32267 | Unspecified vulnerability in Microfocus Arcsight Management Center A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. | 8.8 |
| 2022-12-23 | CVE-2022-38757 | Improper Privilege Management vulnerability in Microfocus Zenworks 2020 A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. | 7.2 |