Micro Focus Luki w zabezpieczeniach

Oś czasu

Rodzaj

Not Defined	122
Log Management Software	17
Access Management Software	7
Automation Software	7
Reporting Software	4

Produkt

Micro Focus Service Manager	14
Micro Focus Arcsight Logger	13
Micro Focus Enterprise Server	11
Micro Focus Enterprise Developer	11
Micro Focus Solutions Business Manager	10

Przeciwdziałanie

Official Fix	80
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	91

Wykorzystywanie

High	3
Functional	1
Proof-of-Concept	12
Unproven	0
Not Defined	155

Wektor dostępu

Not Defined	0
Physical	0
Local	8
Adjacent	18
Network	145

Uwierzytelnianie

Not Defined	0
High	6
Low	89
None	76

Interakcja z użytkownikiem

Not Defined	0
Required	53
None	118

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	12
≤5	26
≤6	38
≤7	37
≤8	30
≤9	21
≤10	6

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	17
≤5	23
≤6	36
≤7	40
≤8	28
≤9	21
≤10	5

VulDB

≤1	0
≤2	1
≤3	2
≤4	33
≤5	29
≤6	35
≤7	29
≤8	33
≤9	3
≤10	6

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	9
≤6	18
≤7	32
≤8	34
≤9	16
≤10	27

CNA

≤1	0
≤2	0
≤3	2
≤4	1
≤5	2
≤6	5
≤7	9
≤8	9
≤9	4
≤10	4

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	50
<2k	77
<5k	44
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	165
<2k	5
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (82): Access Manager (3), AcuToWeb (1), Application Lifecycle Management (1), Application Performance Management (4), ArcSight Enterprise Security Manager (4), ArcSight Logger (4), ArcSight Management Center (6), Arcsight Logger (13), Business Manager (5), CMS (1), COBOL Server (1), Client for OES (1), Content Manager (3), Data Center Automation Containerized Suite (2), Data Protector (3), Dimensions CM Plugin (1), Dimensions Plugin (2), Directory and Resource Administrator (1), Enterprise Developer (11), Enterprise Server (11), Enterprise Test Server (1), Filr (5), Fortify Audit Workbench (1), Fortify Software Security Center (4), GroupWise (1), GroupWise Web (1), Host Access Management (1), Hybrid Cloud Management Containerized Suite (2), IDOL (1), Identity Manager (1), Manager (1), NetIQ (2), NetIQ Access Manager (3), Network Automation (2), Network Operations Management Suite (2), Novell Groupwise (3), Novell Service Desk (4), OpenText (1), Operation Agent (1), Operation Bridge (1), Operation Bridge Manager (1), Operation Bridge Reporter (4), Operation bridge Manager (1), Operations Agent (3), Operations Bridge (2), Operations Bridge Containerized (1), Operations Bridge Containerized Suite (3), Operations Bridge Manager (2), Operations Manager i (1), Operations Orchestration (1), Portfolio Management Center (3), Project (3), RUMBA (3), Real User Monitoring Software (1), Reflection Security Gateway (1), Reflection ZFE (1), Reflection for the Web (1), Rumba FTP (1), Secure API Manager (1), Secure Messaging Gateway (3), Security Server (1), Self Service Password Reset (3), Service Management Automation (1), Service Management Automation Suite (2), Service Manager (14), Service Manager Automation (1), Service Manager Chat Server (1), Service Manager Chat Service (1), Service Manager Release Control (1), SiteScope (1), Solution Business Manager (1), Solutions Business Manager (10), UCMDB Browser (1), Universal CMDB (3), Universal CMDB Foundation (1), Verastream Host Integrator (4), Vibe (2), VisiBroker (3), Visual COBOL (1), Voltage SecureMail Mail Relay (1), ZENworks (1), ZENworks Configuration Management (1)

Link to Vendor Website: https://www.microfocus.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2023-12-09	4.6	4.5	Micro Focus ArcSight Management Center cross site scripting	Nieznany	Not Defined	Official Fix	0.00045	0.09	CVE-2020-25835
2023-09-13	9.8	9.6	Micro Focus OpenText weak authentication	Nieznany	Not Defined	Official Fix	0.00091	0.07	CVE-2023-4501
2023-08-11	7.3	7.3	Micro Focus ArcSight Management Center Privilege Escalation	Nieznany	Not Defined	Not Defined	0.00050	0.00	CVE-2023-32267
2023-07-20	6.6	6.6	Micro Focus Enterprise Server Enterprise Server Common Web Administration privilege escalation	Nieznany	Not Defined	Not Defined	0.00049	0.00	CVE-2023-32265
2023-07-19	3.8	3.8	Micro Focus Dimensions CM Plugin weak authentication	Jenkins Plugin	Not Defined	Not Defined	0.00049	0.00	CVE-2023-32263
2023-06-17	3.5	3.4	Micro Focus Dimensions Plugin privilege escalation	Jenkins Plugin	Not Defined	Official Fix	0.00066	0.00	CVE-2023-32261
2023-06-16	3.5	3.5	Micro Focus Dimensions Plugin information disclosure	Jenkins Plugin	Not Defined	Not Defined	0.00066	0.00	CVE-2023-32262
2023-06-14	4.8	4.7	Micro Focus ArcSight Logger cross site scripting	Log Management Software	Not Defined	Official Fix	0.00052	0.02	CVE-2023-24469
2023-06-14	7.3	7.2	Micro Focus ArcSight Logger XML External Entity	Log Management Software	Not Defined	Official Fix	0.00065	0.00	CVE-2023-24470
2022-12-23	7.2	7.2	Micro Focus ZENworks Managed Device privilege escalation	Nieznany	Not Defined	Not Defined	0.00160	0.00	CVE-2022-38757
2022-12-17	4.3	4.2	Micro Focus GroupWise Web GW Web information disclosure	Nieznany	Not Defined	Official Fix	0.00079	0.03	CVE-2022-38756
2022-12-08	5.6	5.6	Micro Focus Operations Bridge Containerized cross site scripting	Virtualization Software	Not Defined	Official Fix	0.00078	0.00	CVE-2022-38754
2022-11-21	5.3	5.2	Micro Focus Filr information disclosure	Nieznany	Not Defined	Official Fix	0.00117	0.00	CVE-2022-38755
2022-09-01	5.2	5.2	Micro Focus ArcSight Logger cross site scripting	Log Management Software	Not Defined	Not Defined	0.00078	0.00	CVE-2022-26331
2022-09-01	5.8	5.8	Micro Focus ArcSight Logger cross site scripting	Log Management Software	Not Defined	Not Defined	0.00158	0.02	CVE-2022-26330
2022-05-13	3.5	3.5	Micro Focus NetIQ Access Manager cross site scripting	Access Management Software	Not Defined	Not Defined	0.00072	0.03	CVE-2021-22531
2022-05-03	2.4	2.4	Micro Focus NetIQ Access Manager cross site scripting	Access Management Software	Not Defined	Official Fix	0.00072	0.06	CVE-2022-26325
2022-05-03	3.9	3.9	Micro Focus NetIQ Access Manager URL Redirect	Access Management Software	Not Defined	Official Fix	0.00072	0.02	CVE-2022-26326
2022-04-12	7.3	7.3	Micro Focus Operations Bridge Remote Code Execution	Nieznany	Not Defined	Not Defined	0.00525	0.00	CVE-2021-38125
2022-02-05	3.5	3.4	Micro Focus Voltage SecureMail Mail Relay information disclosure	Nieznany	Not Defined	Official Fix	0.00065	0.04	CVE-2021-38130
2022-01-26	5.3	5.3	Micro Focus Operations Agent Local Privilege Escalation	Nieznany	Not Defined	Not Defined	0.00042	0.04	CVE-2021-38129
2022-01-15	3.5	3.5	Micro Focus ArcSight Enterprise Security Manager cross site scripting	Nieznany	Not Defined	Not Defined	0.00072	0.00	CVE-2021-38127
2022-01-15	3.5	3.5	Micro Focus ArcSight Enterprise Security Manager cross site scripting	Nieznany	Not Defined	Not Defined	0.00072	0.00	CVE-2021-38126
2021-09-28	4.3	4.1	Micro Focus Directory and Resource Administrator information disclosure	Nieznany	Not Defined	Official Fix	0.00065	0.00	CVE-2021-22535
2021-09-28	8.0	8.0	Micro Focus ArcSight Enterprise Security Manager privilege escalation	Nieznany	Not Defined	Not Defined	0.01092	0.00	CVE-2021-38124

146 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 146 results.

◂ PoprzedniPrzeglądKolejny ▸

Do you need the next level of professionalism?

Upgrade your account now!