NotCVE - vendor:"Microfocus"

Page 18 of 221 results (0.015 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-9522

https://notcve.org/view.php?id=CVE-2020-9522

Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, Affecting versions 7.0.x, 7.2 and 7.2.1 . The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Enterprise Security Manager (ESM), afectando a las versiones 7.0.x, 7.2 y 7.2.1. Las vulnerabilidades podrían ser explotadas remotamente, resultando en un ataque de tipo Cross-Site Scripting (XSS) o una divulgación de información • https://softwaresupport.softwaregrp.com/doc/KM03650888 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-11839

https://notcve.org/view.php?id=CVE-2020-11839

Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Logger, afectando a todas las versiones desde 6.6.1 hasta la versión 7.0.1. Las vulnerabilidades podrían ser explotadas remotamente, resultando en un ataque de tipo Cross-Site Scripting (XSS) o una divulgación de información • https://softwaresupport.softwaregrp.com/doc/KM03650887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 3%CPEs: 8EXPL: 0

CVE-2020-11844 – Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.

https://notcve.org/view.php?id=CVE-2020-11844

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation. La vulnerabilidad de la autorización incorrecta en el componente Micro Focus Container Deployment Foundation afecta a los productos: Hybrid Cloud Management. desde la versión 2018.05 hasta 2019.11. - ArcSight Investigate. versiones 2.4.0, 3.0.0 y 3.1.0. - ArcSight Transformation Hub. versiones 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. versión 6.0.0. - ArcSight ESM (cuando se instala ArcSight Fusion 1.0). versión 7.2.1. - Service Management Automation (SMA). desde la versión 2018.05 hasta 2020.02 - Operation Bridge Suite (Containerized). desde la versión 2018.05 hasta 2020.02. - Network Operation Management. desde la versión 2017.11 hasta 2019.11. - Data Center Automation Containerized. desde la versión 2018.05 hasta 2019.11. • https://softwaresupport.softwaregrp.com/doc/KM03645628 https://softwaresupport.softwaregrp.com/doc/KM03645629 https://softwaresupport.softwaregrp.com/doc/KM03645630 https://softwaresupport.softwaregrp.com/doc/KM03645631 https://softwaresupport.softwaregrp.com/doc/KM03645636 https://softwaresupport.softwaregrp.com/doc/KM03645642 https://support.microfocus.com/kb/doc.php?id=7024637 • CWE-863: Incorrect Authorization •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-11845

https://notcve.org/view.php?id=CVE-2020-11845

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML. Vulnerabilidad de tipo Cross Site Scripting en el producto Micro Focus Service Manager. Afectando las versiones 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. • https://softwaresupport.softwaregrp.com/doc/KM03640285 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 16EXPL: 0

CVE-2020-9524

https://notcve.org/view.php?id=CVE-2020-9524

Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to trigger administrative actions when an administrator viewed malicious data left by the attacker (stored XSS) or followed a malicious link (reflected XSS). Una vulnerabilidad de tipo Cross Site scripting en Micro Focus Enterprise Server y el desarrollador Enterprise, afecta a todas las versiones anteriores a 5.0 Patch Update 8. La vulnerabilidad podría permitir a un atacante desencadenar acciones administrativas cuando un administrador visualizara datos maliciosos dejados por el atacante (XSS almacenado) o siguiera un enlace malicioso (XSS reflejado). • https://softwaresupport.softwaregrp.com/doc/KM03640252 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...16 17 18 19 20