CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11848
https://notcve.org/view.php?id=CVE-2020-11848
19 Aug 2020 — Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service. Vulnerabilidad de Denegación de Servicio en Micro Focus ArcSight Management Center. Afectando a todas las versiones anteriores a 2.9.5. • https://community.microfocus.com/t5/ArcSight-Management-Center-ArcMC/ArcSight-Management-Center-2-9-5-Release-Notes/ta-p/2814648 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11852
https://notcve.org/view.php?id=CVE-2020-11852
07 Aug 2020 — DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command. Vulnerabilidad de la página de administración de claves DKIM en Micro Focus Secure Messaging Gateway (SMG). Afectando a todas las versiones en ejecución del dispositivo SMG versiones anteriores a julio... • https://support.microfocus.com/kb/doc.php?id=7024775 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11849 – Elevation of privilege and unauthorized access in Micro Focus Identity Manager product
https://notcve.org/view.php?id=CVE-2020-11849
08 Jul 2020 — Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access. Una elevación de privilegios y/o vulnerabilidad de acceso no autorizado en Micro Focus Identity Manager. Afecta las versiones anteriores a 4.7.3 y 4.8.1 hotfix 1. • https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11841
https://notcve.org/view.php?id=CVE-2020-11841
16 Jun 2020 — Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. Una vulnerabilidad de divulgación de información no autorizada en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, resu... • https://softwaresupport.softwaregrp.com/doc/KM03650893 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11838
https://notcve.org/view.php?id=CVE-2020-11838
16 Jun 2020 — Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, re... • https://softwaresupport.softwaregrp.com/doc/KM03650893 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11840
https://notcve.org/view.php?id=CVE-2020-11840
16 Jun 2020 — Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. Una vulnerabilidad de divulgación de información no autorizada en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, resu... • https://softwaresupport.softwaregrp.com/doc/KM03650893 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9522
https://notcve.org/view.php?id=CVE-2020-9522
16 Jun 2020 — Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, Affecting versions 7.0.x, 7.2 and 7.2.1 . The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Enterprise Security Manager (ESM), afectando a las versiones 7.0.x, 7.2 y 7.2.1. Las vulnerabilidades podrían ser explotadas remotamente, resultando en un at... • https://softwaresupport.softwaregrp.com/doc/KM03650888 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11839
https://notcve.org/view.php?id=CVE-2020-11839
12 Jun 2020 — Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Logger, afectando a todas las versiones desde 6.6.1 hasta la versión 7.0.1. Las vulnerabilidades podrían ser explotadas remotamente, resultando en un ataque de tipo Cross-Site ... • https://softwaresupport.softwaregrp.com/doc/KM03650887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2020-11844 – Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.
https://notcve.org/view.php?id=CVE-2020-11844
29 May 2020 — Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions ... • https://softwaresupport.softwaregrp.com/doc/KM03645628 • CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11845
https://notcve.org/view.php?id=CVE-2020-11845
19 May 2020 — Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML. Vulnerabilidad de tipo Cross Site Scripting en el producto Micro Focus Service Manager. Afectando las versiones 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. • https://softwaresupport.softwaregrp.com/doc/KM03640285 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •