NotCVE - vendor:"Microfocus" product:"Application Performance Management" version:"9.40"

6 results (0.001 seconds)

CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2021-22514

https://notcve.org/view.php?id=CVE-2021-22514

28 Apr 2021 — An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM. Se presenta una vulnerabilidad de ejecución de código arbitrario en Micro Focus Application Performance Management, que afecta a versiones 9.40, 9.50 y 9.51. La vulnerabilidad podría permitir a atacantes remotos ejecutar código arbitrario en instalaciones afec... • https://softwaresupport.softwaregrp.com/doc/KM03806649 •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-22500

https://notcve.org/view.php?id=CVE-2021-22500

06 Feb 2021 — Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing. Una vulnerabilidad de tipo Cross Site Request Forgery en el producto Micro Focus Application Performance Management, afectando a versiones 9.40, 9.50 y 9.51. La vulnerabilidad podría ser explotada por un atacante para engañar a usuarios a que ejecu... • https://softwaresupport.softwaregrp.com/doc/KM03775253 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-22499

https://notcve.org/view.php?id=CVE-2021-22499

06 Feb 2021 — Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. Una vulnerabilidad de tipo Cross-Site scripting persistente en el producto Micro Focus Application Performance Management, afecta a versiones 9.40, 9.50 y 9.51. La vulnerabilidad podría permitir un ataque de tipo XSS persistente • https://softwaresupport.softwaregrp.com/doc/KM03775253 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 91%CPEs: 24EXPL: 1

CVE-2020-11854 – Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.

https://notcve.org/view.php?id=CVE-2020-11854

27 Oct 2020 — Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.... • https://packetstorm.news/files/id/161182 • CWE-798: Use of Hard-coded Credentials •

CVSS: 8.8EPSS: 91%CPEs: 36EXPL: 2

CVE-2020-11853 – Arbitrary code execution vulnerability on multiple Micro Focus products

https://notcve.org/view.php?id=CVE-2020-11853

22 Oct 2020 — Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) • https://packetstorm.news/files/id/161182 •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-14350 – Hewlett Packard Enterprise Application Performance Management Staging Data Replicator hpbsmsdr Missing Authentication for Critical Function Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-14350

26 Sep 2017 — A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution. Se ha identificado una vulnerabilidad de seguridad potencial en HPE Application Performance Management (BSM) Platform en versiones 9.26, 9.30 y 9.40. La vulnerabilidad podría explotarse de forma remota para permitir la ejecución de código. This vulnerability allows remote attackers to execute arbitrar... • http://www.securityfocus.com/bid/100988 • CWE-306: Missing Authentication for Critical Function •