Microfocus: Security Vulnerabilities
Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. The vulnerability could cause configuration destruction.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-03-26
CVE-2021-22506
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
Known exploited
CVSS Score
7.5
EPSS Score
0.105
Published
2021-03-26
Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-03-25
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-02-26
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.
CVSS Score
6.1
EPSS Score
0.001
Published
2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVSS Score
4.9
EPSS Score
0.001
Published
2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVSS Score
7.3
EPSS Score
0.001
Published
2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
CVSS Score
4.8
EPSS Score
0.001
Published
2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.
CVSS Score
3.5
EPSS Score
0.001
Published
2021-02-26
Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.
CVSS Score
9.8
EPSS Score
0.03
Published
2021-02-12