Micro Focus Vulnerabilidad

Cronología

Escribe

Producto

Micro Focus Service Manager14
Micro Focus Arcsight Logger13
Micro Focus Enterprise Server11
Micro Focus Enterprise Developer11
Micro Focus Solutions Business Manager10

Contramedidas

Official Fix80
Temporary Fix0
Workaround0
Unavailable0
Not Defined91

Explotabilidad

High3
Functional1
Proof-of-Concept12
Unproven0
Not Defined155

Vector de acceso

Not Defined0
Physical0
Local8
Adjacent18
Network145

Autenticación

Not Defined0
High6
Low89
None76

La interacción del usuario

Not Defined0
Required53
None118

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤412
≤526
≤638
≤737
≤830
≤921
≤106

CVSSv3 Temp

≤10
≤20
≤31
≤417
≤523
≤636
≤740
≤828
≤921
≤105

VulDB

≤10
≤21
≤32
≤433
≤529
≤635
≤729
≤833
≤93
≤106

NVD

≤10
≤20
≤30
≤40
≤59
≤618
≤732
≤834
≤916
≤1027

CNA

≤10
≤20
≤32
≤41
≤52
≤65
≤79
≤89
≤94
≤104

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k50
<2k76
<5k45
<10k0
<25k0
<50k0
<100k0
≥100k0

Explotar hoy

<1k164
<2k6
<5k1
<10k0
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (82): Access Manager (3), AcuToWeb (1), Application Lifecycle Management (1), Application Performance Management (4), ArcSight Enterprise Security Manager (4), ArcSight Logger (4), ArcSight Management Center (6), Arcsight Logger (13), Business Manager (5), CMS (1), COBOL Server (1), Client for OES (1), Content Manager (3), Data Center Automation Containerized Suite (2), Data Protector (3), Dimensions CM Plugin (1), Dimensions Plugin (2), Directory and Resource Administrator (1), Enterprise Developer (11), Enterprise Server (11), Enterprise Test Server (1), Filr (5), Fortify Audit Workbench (1), Fortify Software Security Center (4), GroupWise (1), GroupWise Web (1), Host Access Management (1), Hybrid Cloud Management Containerized Suite (2), IDOL (1), Identity Manager (1), Manager (1), NetIQ (2), NetIQ Access Manager (3), Network Automation (2), Network Operations Management Suite (2), Novell Groupwise (3), Novell Service Desk (4), OpenText (1), Operation Agent (1), Operation Bridge (1), Operation Bridge Manager (1), Operation Bridge Reporter (4), Operation bridge Manager (1), Operations Agent (3), Operations Bridge (2), Operations Bridge Containerized (1), Operations Bridge Containerized Suite (3), Operations Bridge Manager (2), Operations Manager i (1), Operations Orchestration (1), Portfolio Management Center (3), Project (3), RUMBA (3), Real User Monitoring Software (1), Reflection Security Gateway (1), Reflection ZFE (1), Reflection for the Web (1), Rumba FTP (1), Secure API Manager (1), Secure Messaging Gateway (3), Security Server (1), Self Service Password Reset (3), Service Management Automation (1), Service Management Automation Suite (2), Service Manager (14), Service Manager Automation (1), Service Manager Chat Server (1), Service Manager Chat Service (1), Service Manager Release Control (1), SiteScope (1), Solution Business Manager (1), Solutions Business Manager (10), UCMDB Browser (1), Universal CMDB (3), Universal CMDB Foundation (1), Verastream Host Integrator (4), Vibe (2), VisiBroker (3), Visual COBOL (1), Voltage SecureMail Mail Relay (1), ZENworks (1), ZENworks Configuration Management (1)

Link to Vendor Website: https://www.microfocus.com/

Fecha de publicaciónBaseTempVulnerabilidadProdExpConCTIEPSSCVE
2023-12-094.64.5Micro Focus ArcSight Management Center cross site scriptingDesconocidoNot DefinedOfficial Fix0.090.00045CVE-2020-25835
2023-09-139.89.6Micro Focus OpenText autenticación débilDesconocidoNot DefinedOfficial Fix0.040.00091CVE-2023-4501
2023-08-117.37.3Micro Focus ArcSight Management Center Privilege EscalationDesconocidoNot DefinedNot Defined0.000.00050CVE-2023-32267
2023-07-206.66.6Micro Focus Enterprise Server Enterprise Server Common Web Administration escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00049CVE-2023-32265
2023-07-193.83.8Micro Focus Dimensions CM Plugin autenticación débilJenkins PluginNot DefinedNot Defined0.000.00049CVE-2023-32263
2023-06-173.53.4Micro Focus Dimensions Plugin escalada de privilegiosJenkins PluginNot DefinedOfficial Fix0.000.00066CVE-2023-32261
2023-06-163.53.5Micro Focus Dimensions Plugin divulgación de informaciónJenkins PluginNot DefinedNot Defined0.000.00066CVE-2023-32262
2023-06-144.84.7Micro Focus ArcSight Logger cross site scriptingLog Management SoftwareNot DefinedOfficial Fix0.020.00052CVE-2023-24469
2023-06-147.37.2Micro Focus ArcSight Logger XML External EntityLog Management SoftwareNot DefinedOfficial Fix0.000.00065CVE-2023-24470
2022-12-237.27.2Micro Focus ZENworks Managed Device escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00160CVE-2022-38757
2022-12-174.34.2Micro Focus GroupWise Web GW Web divulgación de informaciónDesconocidoNot DefinedOfficial Fix0.030.00079CVE-2022-38756
2022-12-085.65.6Micro Focus Operations Bridge Containerized cross site scriptingVirtualization SoftwareNot DefinedOfficial Fix0.000.00078CVE-2022-38754
2022-11-215.35.2Micro Focus Filr divulgación de informaciónDesconocidoNot DefinedOfficial Fix0.000.00117CVE-2022-38755
2022-09-015.25.2Micro Focus ArcSight Logger cross site scriptingLog Management SoftwareNot DefinedNot Defined0.000.00078CVE-2022-26331
2022-09-015.85.8Micro Focus ArcSight Logger cross site scriptingLog Management SoftwareNot DefinedNot Defined0.000.00158CVE-2022-26330
2022-05-133.53.5Micro Focus NetIQ Access Manager cross site scriptingAccess Management SoftwareNot DefinedNot Defined0.020.00072CVE-2021-22531
2022-05-032.42.4Micro Focus NetIQ Access Manager cross site scriptingAccess Management SoftwareNot DefinedOfficial Fix0.000.00072CVE-2022-26325
2022-05-033.93.9Micro Focus NetIQ Access Manager URL RedirectAccess Management SoftwareNot DefinedOfficial Fix0.020.00072CVE-2022-26326
2022-04-127.37.3Micro Focus Operations Bridge Remote Code ExecutionDesconocidoNot DefinedNot Defined0.000.00525CVE-2021-38125
2022-02-053.53.4Micro Focus Voltage SecureMail Mail Relay divulgación de informaciónDesconocidoNot DefinedOfficial Fix0.040.00065CVE-2021-38130
2022-01-265.35.3Micro Focus Operations Agent Local Privilege EscalationDesconocidoNot DefinedNot Defined0.040.00042CVE-2021-38129
2022-01-153.53.5Micro Focus ArcSight Enterprise Security Manager cross site scriptingDesconocidoNot DefinedNot Defined0.000.00072CVE-2021-38127
2022-01-153.53.5Micro Focus ArcSight Enterprise Security Manager cross site scriptingDesconocidoNot DefinedNot Defined0.000.00072CVE-2021-38126
2021-09-284.34.1Micro Focus Directory and Resource Administrator divulgación de informaciónDesconocidoNot DefinedOfficial Fix0.000.00065CVE-2021-22535
2021-09-288.08.0Micro Focus ArcSight Enterprise Security Manager escalada de privilegiosDesconocidoNot DefinedNot Defined0.040.01092CVE-2021-38124

146 no se muestran más entradas

Do you need the next level of professionalism?

Upgrade your account now!