Vulnerabilities > Microfocus > Visual Cobol

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-4501 Improper Authentication vulnerability in Microfocus products
User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and 9.0 patch update 1, when LDAP-based authentication is used with certain configurations.
network
low complexity
microfocus CWE-287
critical
9.8
2023-07-20 CVE-2023-32265 Unspecified vulnerability in Microfocus products
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability.
network
low complexity
microfocus
6.5