Microfocus: Security Vulnerabilities
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
CVSS Score
4.9
EPSS Score
0.001
Published
2021-09-13
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
CVSS Score
5.4
EPSS Score
0.002
Published
2021-09-13
Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-09-07
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-02
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data.
CVSS Score
8.8
EPSS Score
0.005
Published
2021-08-05
A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-07-30
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data.
CVSS Score
7.1
EPSS Score
0.002
Published
2021-07-22
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.
CVSS Score
7.6
EPSS Score
0.003
Published
2021-07-22
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-07-12
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-06-04