Vulnerabilities > Microfocus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-09 | CVE-2020-9517 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Microfocus Service Manager 9.50/9.60 There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. | 5.4 |
| 2019-11-18 | CVE-2019-17085 | XXE vulnerability in Microfocus Operations Agent XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. | 6.5 |
| 2019-10-22 | CVE-2019-11674 | Improper Certificate Validation vulnerability in Microfocus Netiq Self Service Password Reset Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. | 5.9 |
| 2019-10-02 | CVE-2019-11651 | Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. | 6.1 |
| 2019-09-18 | CVE-2019-11664 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-11663 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-11662 | Information Exposure Through an Error Message vulnerability in Microfocus Service Manager Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 4.3 |
| 2019-08-30 | CVE-2019-11658 | Information Exposure vulnerability in Microfocus Content Manager 9.1/9.2/9.3 Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. | 4.3 |
| 2019-08-07 | CVE-2019-11653 | Unspecified vulnerability in Microfocus Content Manager 9.1.0/9.2.0/9.3.0 Remote Access Control Bypass in Micro Focus Content Manager. | 5.4 |
| 2019-07-10 | CVE-2019-11650 | Unspecified vulnerability in Microfocus Netiq Advanced Authentication A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. | 5.9 |