CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11661
https://notcve.org/view.php?id=CVE-2019-11661
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. Permitir cambios en alguna tabla por parte de usuarios no Administradores de Sistema (SysAdmin) en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Esta vulnerabilidad podría ser explotada para permitir el acceso no autorizado y la modificación de datos. • https://softwaresupport.softwaregrp.com/doc/KM03518316 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11664
https://notcve.org/view.php?id=CVE-2019-11664
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. La contraseña en texto sin cifrar en el navegador en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría explotarse para permitir la exposición de datos confidenciales. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11663
https://notcve.org/view.php?id=CVE-2019-11663
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. Las credenciales en texto sin cifrar son usadas para acceder a la aplicación de administradores en Tomcat en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría explotarse para permitir la exposición de datos confidenciales. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11665
https://notcve.org/view.php?id=CVE-2019-11665
Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. Una exposición de datos en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría ser explotada para permitir la exposición de datos confidenciales. • https://softwaresupport.softwaregrp.com/doc/KM03518316 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11666
https://notcve.org/view.php?id=CVE-2019-11666
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data. Deserialización no segura de datos no confiables en el producto Micro Focus Service Manager en las versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría ser explotada para permitir la deserialización no segura de datos no confiables. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-502: Deserialization of Untrusted Data •