Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-27 | CVE-2020-11858 | Unspecified vulnerability in Microfocus Operations Bridge and Operations Bridge Manager Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). | 7.8 |
| 2020-10-22 | CVE-2020-11853 | Arbitrary code execution vulnerability affecting multiple Micro Focus products. | 8.8 |
| 2020-09-22 | CVE-2020-11855 | Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 7.8 |
| 2020-09-18 | CVE-2020-11861 | Unspecified vulnerability in Microfocus Operations Agent Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. | 7.8 |
| 2020-08-19 | CVE-2020-11848 | Unspecified vulnerability in Microfocus Arcsight Management Center Denial of service vulnerability on Micro Focus ArcSight Management Center. | 7.5 |
| 2020-08-07 | CVE-2020-11852 | OS Command Injection vulnerability in Microfocus Secure Messaging Gateway 471 DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). | 8.8 |
| 2020-05-04 | CVE-2020-11842 | Unspecified vulnerability in Microfocus Verastream Host Integrator Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). | 7.5 |
| 2020-04-17 | CVE-2020-9523 | Insufficiently Protected Credentials vulnerability in Microfocus Enterprise Developer Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. | 8.8 |
| 2020-03-26 | CVE-2020-9521 | SQL Injection vulnerability in Microfocus Service Manager Automation An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. | 8.8 |
| 2019-12-17 | CVE-2019-11657 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Logger 6.61 Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. | 8.8 |