CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-7691 – MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access
https://notcve.org/view.php?id=CVE-2018-7691
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access Un potencial acceso remoto no autorizado en Micro Focus Fortify Software Security Center (SSC) 17.10, 17.20 y 18.10 podría permitir el acceso remoto no autorizado. Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to extracting local and ldap users. • https://www.exploit-db.com/exploits/45990 https://github.com/alt3kx/CVE-2018-7691 https://softwaresupport.softwaregrp.com/doc/KM03298201 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-7690 – MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access
https://notcve.org/view.php?id=CVE-2018-7690
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access Un potencial acceso remoto no autorizado en Micro Focus Fortify Software Security Center (SSC) 17.10, 17.20 y 18.10 podría permitir el acceso remoto no autorizado. Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to user projects. • https://www.exploit-db.com/exploits/45989 https://github.com/alt3kx/CVE-2018-7690 https://softwaresupport.softwaregrp.com/doc/KM03298201 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-17950
https://notcve.org/view.php?id=CVE-2018-17950
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2 Aplicación incorrecta de las comprobaciones de autorización en eDirectory en versiones anteriores a la 9.1 SP2. • https://www.netiq.com/documentation/edirectory-91/edirectory912_releasenotes/data/edirectory912_releasenotes.html • CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17952
https://notcve.org/view.php?id=CVE-2018-17952
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 Vulnerabilidad Cross-Site Scripting (XSS) en eDirectory en versiones anteriores a la 9.1 SP2. • https://www.netiq.com/documentation/edirectory-91/edirectory912_releasenotes/data/edirectory912_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17949
https://notcve.org/view.php?id=CVE-2018-17949
Cross site scripting vulnerability in iManager prior to 3.1 SP2. Vulnerabilidad Cross-Site Scripting (XSS) en iManager en versiones anteriores a la 3.1 SP2. • https://www.netiq.com/documentation/imanager-31/imanager312_releasenotes/data/imanager312_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •