CVE-2022-26326 – Potential open redirection vulnerability in NetIQ Access Manager versions prior to version 5.0.2
https://notcve.org/view.php?id=CVE-2022-26326
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 Una potencial vulnerabilidad de redireccionamiento abierto cuando la URL está diseñada en un formato específico en NetIQ Access Manager versiones anteriores a 5.0.2 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html#t4f2msu33v8h • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2022-26325 – Cross Site Scripting vulnerability in NetIQ Access Manager versions prior to version 5.0.2
https://notcve.org/view.php?id=CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 Una vulnerabilidad de tipo Cross Site Scripting (XSS) Reflejado en NetIQ Access Manager versiones anteriores a 5.0.2 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html#t4f2msu33v8h • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-38125
https://notcve.org/view.php?id=CVE-2021-38125
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploited to unauthenticated remote code execution. Una Ejecución de código remoto no autenticado en Micro Focus Operations Bridge en contenedor, afectando a versiones 2021.05, 2021.08 y versiones más recientes de Micro Focus Operations Bridge en contenedor si la implantación fue actualizada desde 2021.05 o 2021.08. La vulnerabilidad podría aprovecharse para una ejecución de código remota sin autenticación • https://portal.microfocus.com/s/article/KM000005303?language=en_US •
CVE-2021-38130 – Voltage SecureMail Server Business Logic Bypass
https://notcve.org/view.php?id=CVE-2021-38130
A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack. Se ha identificado una posible vulnerabilidad de filtrado de información en las versiones de Micro Focus Voltage SecureMail Mail Relay anteriores a 7.3.0.1. La vulnerabilidad podría ser explotada para crear un ataque de filtrado de información Voltage SecureMail Server versions prior to 7.3.0.1 suffer from a business logic bypass vulnerability. • https://portal.microfocus.com/s/article/KM000003667 •
CVE-2021-38129
https://notcve.org/view.php?id=CVE-2021-38129
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Operations Agent. Una vulnerabilidad de escalada de privilegios en Micro Focus en Micro Focus Operations Agent, afectando a versiones 12.x hasta 12.21 incluyéndola. La vulnerabilidad podría ser aprovechada por un usuario local no privilegiado para acceder a los datos de supervisión del sistema recopilados por Operations Agent • https://portal.microfocus.com/s/article/KM000003539?language=en_US •