Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-22522 | Cross-site Scripting vulnerability in Microfocus Verastream Host Integrator Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. | 7.1 |
| 2021-07-22 | CVE-2021-22523 | XXE vulnerability in Microfocus Verastream Host Integrator XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. | 7.6 |
| 2021-06-04 | CVE-2021-22516 | Information Exposure Through Log Files vulnerability in Microfocus Secure API Manager 2.0.0 Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. | 7.5 |
| 2021-04-12 | CVE-2021-22497 | Improper Authentication vulnerability in Microfocus Netiq Advanced Authentication Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | 7.2 |
| 2021-03-26 | CVE-2021-22506 | Unspecified vulnerability in Microfocus Access Manager Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. | 7.5 |
| 2021-03-25 | CVE-2021-22496 | Improper Authentication vulnerability in Microfocus Access Manager Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. | 7.5 |
| 2021-02-26 | CVE-2019-18945 | Unspecified vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. low complexity microfocus | 8.0 |
| 2021-02-26 | CVE-2019-18943 | XXE vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | 8.0 |
| 2021-01-19 | CVE-2021-22498 | XXE vulnerability in Microfocus Application Lifecycle Management XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. | 8.1 |
| 2020-11-05 | CVE-2020-25837 | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |