CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9519
https://notcve.org/view.php?id=CVE-2020-9519
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data. Una vulnerabilidad de métodos HTTP revelados en los servicios Web en el administrador de Micro Focus Service (server), afectando a las versiones 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. La vulnerabilidad podría ser explotada para permitir una exposición de datos de configuración. • https://softwaresupport.softwaregrp.com/doc/KM03607789 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11662
https://notcve.org/view.php?id=CVE-2019-11662
Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message. Los nombres de clase y método en un mensaje de error en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Esta vulnerabilidad podría ser explotada en algunos casos especiales para permitir la exposición de información por medio de un mensaje de error. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11661
https://notcve.org/view.php?id=CVE-2019-11661
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. Permitir cambios en alguna tabla por parte de usuarios no Administradores de Sistema (SysAdmin) en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Esta vulnerabilidad podría ser explotada para permitir el acceso no autorizado y la modificación de datos. • https://softwaresupport.softwaregrp.com/doc/KM03518316 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11664
https://notcve.org/view.php?id=CVE-2019-11664
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. La contraseña en texto sin cifrar en el navegador en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría explotarse para permitir la exposición de datos confidenciales. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11663
https://notcve.org/view.php?id=CVE-2019-11663
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. Las credenciales en texto sin cifrar son usadas para acceder a la aplicación de administradores en Tomcat en Micro Focus Service Manager versiones de producto 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría explotarse para permitir la exposición de datos confidenciales. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-311: Missing Encryption of Sensitive Data CWE-522: Insufficiently Protected Credentials •