CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18943 – XML External Entity processing
https://notcve.org/view.php?id=CVE-2019-18943
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. Micro Focus Solutions Business Manager versiones anteriores a 11.7.1, son vulnerables a un ataque de tipo XML External Entity Processing (XXE) en determinadas operaciones • http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18942 – Stored cross site scripting
https://notcve.org/view.php?id=CVE-2019-18942
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. Micro Focus Solutions Business Manager versiones anteriores a 11.7.1, son vulnerables a un ataque de tipo XSS almacenado. La aplicación refleja la entrada del usuario almacenada previamente sin codificación • http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18944
https://notcve.org/view.php?id=CVE-2019-18944
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. Micro Focus Solutions Business Manager Application Repository versiones anteriores a 11.7.1, son vulnerables a un ataque de tipo XSS reflejado • http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18945 – privilege escalation
https://notcve.org/view.php?id=CVE-2019-18945
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. Micro Focus Solutions Business Manager Application Repository versiones anteriores a 11.7.1, son vulnerables a una vulnerabilidad de escalada de privilegios • http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18947 – information disclosure
https://notcve.org/view.php?id=CVE-2019-18947
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. Micro Focus Solutions Business Manager Application Repository versiones anteriores a 11.7.1, son vulnerables a una divulgación de información • http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •