Page 3 of 17 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. Existe un problema de ejecución remota de código no autenticado en Micro Focus Solutions Business Manager (SBM), anteriormente conocido como Serena Business Manager (SBM), en versiones anteriores a la 11.5. • http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. Existe un problema de omisión de autenticación en Solutions Business Manager (SBM), anteriormente conocido como Serena Business Manager (SBM), en versiones anteriores a la 11.5. • http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm • CWE-287: Improper Authentication •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Micro Focus Solutions Business Manager en versiones anteriores a la 11.4 permite que un usuario invoque servicios SBM RESTful en los dominios. • http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution. Micro Focus Solutions Business Manager en versiones anteriores a la 11.4, cuando ASP.NET está configurado con permisos de ejecución en los directorios virtuales y no valida el contenido de las imágenes de avatar de usuario, podría conducir a la ejecución remota de código. • http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm • CWE-20: Improper Input Validation •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system. Micro Focus Solutions Business Manager en versiones anteriores a la 11.4 permite incrustar JavaScript en URL colocadas en la carpeta "Favorites". Si el usuario tiene ciertos privilegios administrativos, esta vulnerabilidad puede impactar a otros usuarios del sistema. • http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •