CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-11653
https://notcve.org/view.php?id=CVE-2019-11653
Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request. Bypass de control de acceso remoto en Micro Focus Content Manager. versiones 9.1, 9.2, 9.3. La vulnerabilidad podría explotarse para manipular los datos almacenados durante la solicitud de CheckIn de otro usuario. • https://ashsecurity.wordpress.com/2019/07/09/cm-cve https://softwaresupport.softwaregrp.com/doc/KM03489552 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11650
https://notcve.org/view.php?id=CVE-2019-11650
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Se encontró un potencial ataque de tipo Man in the Middle (MITM) en NetIQ Advanced Authentication Framework versiones anteriores a 6.0. • https://www.netiq.com/documentation/advanced-authentication-60/advanced-authentication-releasenotes-60/data/advanced-authentication-releasenotes-60.html#t49vfiy1udvg •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11647
https://notcve.org/view.php?id=CVE-2019-11647
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack. Se presenta un problema de tipo XSS potencial en Self Service Password Reset, en el software Micro Focus NetIQ en todas las versiones anteriores a la versión 4.4. La vulnerabilidad podría ser explotada para habilitar un ataque XSS. • https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p2/data/release-notes-sspr-44-p2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11649 – KM03461174 Micro Focus Fortify Software Security Center Server, CVE-2019-11649
https://notcve.org/view.php?id=CVE-2019-11649
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerability could be exploited to execute JavaScript code in user’s browser. La vulnerabilidad de secuencias de comandos entre sitios en Micro Focus Fortify Software Security Center Server, versiones 17.2, 18.1, 18.2, se ha identificado en Micro Focus Software Security Center. La vulnerabilidad podría explotarse para ejecutar código JavaScript en el navegador del usuario. • https://softwaresupport.softwaregrp.com/doc/KM03461174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3477
https://notcve.org/view.php?id=CVE-2019-3477
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. Fue encontrada una Vulnerabilidad en las versiones de Micro Focus Solution Business Manager anteriores hasta la versión 11.4.2 son susceptibles a redireccionamiento abierto. • http://help.serena.com/doc_center/sbm/ver11_4_2/sbm_release_notes.htm • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •