Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-12 | CVE-2021-22497 | Improper Authentication vulnerability in Microfocus Netiq Advanced Authentication Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | 7.2 |
| 2021-03-26 | CVE-2021-22506 | Unspecified vulnerability in Microfocus Access Manager Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. | 7.5 |
| 2021-03-25 | CVE-2021-22496 | Improper Authentication vulnerability in Microfocus Access Manager Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. | 7.5 |
| 2021-02-26 | CVE-2019-18945 | Unspecified vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. low complexity microfocus | 8.0 |
| 2021-02-26 | CVE-2019-18943 | XXE vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | 8.0 |
| 2021-01-19 | CVE-2021-22498 | XXE vulnerability in Microfocus Application Lifecycle Management XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. | 8.1 |
| 2020-11-05 | CVE-2020-25837 | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |
| 2020-10-27 | CVE-2020-11858 | Unspecified vulnerability in Microfocus Operations Bridge and Operations Bridge Manager Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). | 7.8 |
| 2020-10-22 | CVE-2020-11853 | Arbitrary code execution vulnerability affecting multiple Micro Focus products. | 8.8 |
| 2020-09-22 | CVE-2020-11855 | Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 7.8 |