Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38753
This update resolves a multi-factor authentication bypass attack
Microfocus Netiq Advanced Authentication
Microfocus Netiq Advanced Authentication 6.4
578
VMScore
CVE-2021-22497
Advanced Authentication versions before 6.3 SP4 have a potential broken authentication due to improper session management issue.
Microfocus Netiq Advanced Authentication 6.3
Microfocus Netiq Advanced Authentication
356
VMScore
CVE-2021-22515
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions before 6.3 SP4 Patch 1.
Microfocus Netiq Advanced Authentication 6.3
Microfocus Netiq Advanced Authentication
555
VMScore
CVE-2012-5931
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
Microfocus Privileged User Manager 2.3.1
Microfocus Privileged User Manager 2.3.0
1 EDB exploit
1000
VMScore
CVE-2012-5932
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote malicious users to execute arbitrary Perl code via a crafted application/x-amf request.
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
645
VMScore
CVE-2012-5930
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote malicious users to change the passwords of administrative accounts via a crafted ...
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
383
VMScore
CVE-2021-38127
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
383
VMScore
CVE-2021-38126
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
383
VMScore
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
NA
CVE-2023-32268
Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators.
Microfocus Filr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »