CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6488 – MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance
https://notcve.org/view.php?id=CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution. Vulnerabilidad de ejecución de código arbitrario en Micro Focus Universal CMDB 4.10, 4.11 y 4.12. Esta vulnerabilidad podría explotarse de forma remota para permitir la ejecución de código arbitrario. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03086019 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-6487 – MFSBGN03799 rev.1 - Micro Focus UCMDB, Remote Disclosure of Information
https://notcve.org/view.php?id=CVE-2018-6487
Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information. Divulgación remota de información en Micro Focus Universal CMDB Foundation Software, versiones 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. La vulnerabilidad se podría explotar de forma remota para permitir la divulgación de información. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03091097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6486 – MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection
https://notcve.org/view.php?id=CVE-2018-6486
XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. This vulnerability could be exploited to allow a XML External Entity (XXE) injection. Vulnerabilidad XEE (XML External Entity) en Micro Focus Fortify Audit Workbench (AWB) y Micro Focus Fortify Software Security Center (SSC), versiones 16.10, 16.20 y 17.10. Esta vulnerabilidad podría ser explotada para permitir inyección XEE (XML External Entity). • http://www.securityfocus.com/bid/102902 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03083653 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2017-14363 – MFSBGN03795 rev.1 - Micro Focus Operations Manager i - Remote Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2017-14363
Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Se ha identificado una vulnerabilidad Cross-Site Scripting (XSS) en Micro Focus Operations Manager i en las versiones 10.60, 10.61 y 10.62. La vulnerabilidad se podría explotar de forma remota para permitir que se produzca Cross-Site Scripting (XSS). • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03060545 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14361 – MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2017-14361
Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack. Vulnerabilidad Man-in-the-Middle (MitM) en Micro Focus Project and Portfolio Management Center 9.32. Esto podría ser explotado para permitir ataques Man-in-the-Middle. • http://www.securitytracker.com/id/1040088 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03014426 •