High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-18	CVE-2020-11861	Unspecified vulnerability in Microfocus Operations Agent Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. local low complexity microfocus	7.8
2020-08-19	CVE-2020-11848	Unspecified vulnerability in Microfocus Arcsight Management Center Denial of service vulnerability on Micro Focus ArcSight Management Center. network low complexity microfocus	7.5
2020-08-07	CVE-2020-11852	OS Command Injection vulnerability in Microfocus Secure Messaging Gateway 471 DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). network low complexity microfocus CWE-78	8.8
2020-05-04	CVE-2020-11842	Unspecified vulnerability in Microfocus Verastream Host Integrator Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). network low complexity microfocus	7.5
2020-04-17	CVE-2020-9523	Insufficiently Protected Credentials vulnerability in Microfocus Enterprise Developer Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. network low complexity microfocus CWE-522	8.8
2020-03-26	CVE-2020-9521	SQL Injection vulnerability in Microfocus Service Manager Automation An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. network low complexity microfocus CWE-89	8.8
2019-12-17	CVE-2019-11657	Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Logger 6.61 Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. network low complexity microfocus CWE-352	8.8
2019-12-11	CVE-2019-17087	Unspecified vulnerability in Microfocus Acutoweb Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. network low complexity microfocus	7.5
2019-09-18	CVE-2019-11661	Unspecified vulnerability in Microfocus Service Manager Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. network low complexity microfocus	8.3
2019-09-17	CVE-2019-11665	Unspecified vulnerability in Microfocus Service Manager Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. network low complexity microfocus	7.5