CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22526 – Open Redirection vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22526
13 Sep 2021 — Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de Redirección Abierta en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025257 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22524 – Denial of service vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22524
13 Sep 2021 — Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Un ataque de inyección causó una vulnerabilidad de denegación de servicio en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025256 • CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22527 – Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22527
13 Sep 2021 — Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de filtrado de información en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025258 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22528 – Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22528
13 Sep 2021 — Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de tipo Cross Site Scripting (XSS) Reflejado en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025259 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2021-38123
https://notcve.org/view.php?id=CVE-2021-38123
07 Sep 2021 — Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication. Una vulnerabilidad de redirección abierta en Micro Focus Network Automation, que afecta a las versiones 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05 de Network Automation. La vulnerabilidad podría permitir redirigi... • https://portal.microfocus.com/s/article/KM000001673 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22525
https://notcve.org/view.php?id=CVE-2021-22525
02 Sep 2021 — This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 Esta versión soluciona una posible vulnerabilidad de filtrado de información en NetIQ Access Manager versiones anteriores a 5.0.1 • https://support.microfocus.com/kb/doc.php?id=7025254 •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-22517
https://notcve.org/view.php?id=CVE-2021-22517
05 Aug 2021 — A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data. Se ha identificado una posible vulnerabilidad de escalada de privilegios no autorizada en Micro Focus Data Protector. La vulnerabilidad afecta las versiones 10.10, 10.20, 10.30, 10.... • https://portal.microfocus.com/s/article/KM000001460 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22521
https://notcve.org/view.php?id=CVE-2021-22521
30 Jul 2021 — A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges. Se ha identificado una vulnerabilidad de escalada de privilegios en Micro Focus ZENworks Configuration Management, afectando la versión 2020 Update 1 y a todas las versiones anteriores. La vulnerabilidad podría ser explotada para alcanzar privilegios del sistema no autor... • https://support.microfocus.com/kb/doc.php?id=7025205 • CWE-863: Incorrect Authorization •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22523
https://notcve.org/view.php?id=CVE-2021-22523
22 Jul 2021 — XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. Una vulnerabilidad detipo XML External Entity en Micro Focus Verastream Host Integrator, que afecta a versión 7.8 Update 1 y versiones anteriores. La vulnerabilidad podría permitir el control del navegador web y el secuestro de las sesiones de usuarios • https://support.microfocus.com/kb/doc.php?id=7025169 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22522
https://notcve.org/view.php?id=CVE-2021-22522
22 Jul 2021 — Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. Una vulnerabilidad de tipo Cross-Site Scripting Reflejado en Micro Focus Verastream Host Integrator, que afecta a versión 7.8 Update 1 y versiones anteriores. La vulnerabilidad podría permitir una divulgación de datos confidenciales • https://support.microfocus.com/kb/doc.php?id=7025169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •