CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38753
https://notcve.org/view.php?id=CVE-2022-38753
This update resolves a multi-factor authentication bypass attack Esta actualización resuelve un ataque de omisión de autenticación multifactor • https://www.netiq.com/documentation/advanced-authentication-64/advanced-authentication-releasenotes-641/data/advanced-authentication-releasenotes-641.html#t4g4mvd1yivo •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38755 – Filr Remote unauthenticated user enumeration for versions prior to 4.3.1.1
https://notcve.org/view.php?id=CVE-2022-38755
A vulnerability has been identified in Micro Focus Filr in versions prior to 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated attacker to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Focus Filr versions prior to 4.3.1.1. Se ha identificado una vulnerabilidad en Micro Focus Filr en versiones anteriores a la 4.3.1.1. • https://portal.microfocus.com/s/article/KM000011886?language=en_US •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26331 – Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
https://notcve.org/view.php?id=CVE-2022-26331
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían ser explotadas de forma remota dando lugar a una Divulgación de Información, o ataques de tipo Cross-Site Scripting (XSS) propios. • https://portal.microfocus.com/s/article/KM000010167?language=en_US https://www.microfocus.com/support/downloads • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26330 – Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
https://notcve.org/view.php?id=CVE-2022-26330
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían explotarse de forma remota, resultando en una Divulgación de Información o ataques de tipo Cross-Site Scripting (XSS) propios. • https://portal.microfocus.com/s/article/KM000010167?language=en_US https://www.microfocus.com/support/downloads •
CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0CVE-2021-22531
https://notcve.org/view.php?id=CVE-2021-22531
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0 Se presenta un bug en el parámetro input de Access Manager que permite a el suministro de caracteres no válidos desencadenar una vulnerabilidad de tipo cross-site scripting. Esto afecta a NetIQ Access Manager versiones 4.5 y 5.0 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •