Vulnerabilities > Microfocus > Service Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-19 | CVE-2020-11845 | Cross-site Scripting vulnerability in Microfocus Service Manager Cross Site Scripting vulnerability in Micro Focus Service Manager product. | 6.1 |
| 2020-03-16 | CVE-2020-9518 | Unspecified vulnerability in Microfocus Service Manager Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 5.3 |
| 2020-03-16 | CVE-2020-9519 | Unspecified vulnerability in Microfocus Service Manager HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. | 5.3 |
| 2020-03-09 | CVE-2020-9517 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Microfocus Service Manager 9.50/9.60 There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. | 5.4 |
| 2019-09-18 | CVE-2019-11664 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-11663 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-11662 | Information Exposure Through an Error Message vulnerability in Microfocus Service Manager Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 4.3 |
| 2018-11-13 | CVE-2018-18591 | Information Exposure vulnerability in Microfocus Service Manager A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. | 6.5 |
| 2018-05-22 | CVE-2018-6494 | SQL Injection vulnerability in Microfocus Service Manager Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. | 5.4 |