Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
32 vulnerabilities found for service_manager by microfocus
CVE-2020-11845 (GCVE-0-2020-11845)
Vulnerability from cvelistv5 – Published: 2020-05-19 14:05 – Updated: 2024-08-04 11:41
VLAI
Summary
Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML.
Severity
No CVSS data available.
CWE
- Cross Site Scripting.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03640285 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Service Manager. |
Affected:
9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:41:59.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:39.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager.",
"version": {
"version_data": [
{
"version_value": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03640285",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11845",
"datePublished": "2020-05-19T14:05:21.000Z",
"dateReserved": "2020-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:41:59.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9518 (GCVE-0-2020-9518)
Vulnerability from cvelistv5 – Published: 2020-03-16 13:01 – Updated: 2024-08-04 10:34
VLAI
Summary
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
Severity
No CVSS data available.
CWE
- Login filter can access configuration files
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03607792 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager (Web Tier). |
Affected:
9.50, 9.51, 9.52, 9.60, 9.61, 9.62
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:39.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager (Web Tier).",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Login filter can access configuration files",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T13:01:28.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager (Web Tier).",
"version": {
"version_data": [
{
"version_value": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Login filter can access configuration files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03607792",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9518",
"datePublished": "2020-03-16T13:01:28.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:39.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9519 (GCVE-0-2020-9519)
Vulnerability from cvelistv5 – Published: 2020-03-16 13:00 – Updated: 2024-08-04 10:34
VLAI
Summary
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.
Severity
No CVSS data available.
CWE
- HTTP methods reveled in Web services.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03607789 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager (Server). |
Affected:
9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager (Server).",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP methods reveled in Web services.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T13:00:11.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager (Server).",
"version": {
"version_data": [
{
"version_value": "9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP methods reveled in Web services."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03607789",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9519",
"datePublished": "2020-03-16T13:00:11.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9517 (GCVE-0-2020-9517)
Vulnerability from cvelistv5 – Published: 2020-03-09 15:54 – Updated: 2024-08-04 10:34
VLAI
Summary
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Severity
No CVSS data available.
CWE
- Improper restriction of rendered UI layers or frames
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03604692 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager |
Affected:
9.50, 9.60
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.50, 9.60"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper restriction of rendered UI layers or frames",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:03.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.50, 9.60"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper restriction of rendered UI layers or frames"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03604692",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9517",
"datePublished": "2020-03-09T15:54:33.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11662 (GCVE-0-2019-11662)
Vulnerability from cvelistv5 – Published: 2019-09-18 21:55 – Updated: 2024-08-04 23:03
VLAI
Summary
Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message.
Severity
No CVSS data available.
CWE
- Class and method names in error message.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Class and method names in error message.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:40.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Class and method names in error message."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11662",
"datePublished": "2019-09-18T21:55:49.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11661 (GCVE-0-2019-11661)
Vulnerability from cvelistv5 – Published: 2019-09-18 21:50 – Updated: 2024-08-04 23:03
VLAI
Summary
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.
Severity
No CVSS data available.
CWE
- Allow changes to some table by non-SysAdmin
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Allow changes to some table by non-SysAdmin",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:37.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Allow changes to some table by non-SysAdmin"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11661",
"datePublished": "2019-09-18T21:50:05.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11664 (GCVE-0-2019-11664)
Vulnerability from cvelistv5 – Published: 2019-09-18 21:35 – Updated: 2024-08-04 23:03
VLAI
Summary
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Clear text password in browser
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Clear text password in browser",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:49.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Clear text password in browser"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11664",
"datePublished": "2019-09-18T21:35:55.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11663 (GCVE-0-2019-11663)
Vulnerability from cvelistv5 – Published: 2019-09-18 21:29 – Updated: 2024-08-04 23:03
VLAI
Summary
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Clear text credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Clear text credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:08.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Clear text credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11663",
"datePublished": "2019-09-18T21:29:59.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11665 (GCVE-0-2019-11665)
Vulnerability from cvelistv5 – Published: 2019-09-17 19:01 – Updated: 2024-08-04 23:03
VLAI
Summary
Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Data exposure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Data exposure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:50.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11665",
"datePublished": "2019-09-17T19:01:27.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11666 (GCVE-0-2019-11666)
Vulnerability from cvelistv5 – Published: 2019-09-17 18:52 – Updated: 2024-08-04 23:03
VLAI
Summary
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data.
Severity
No CVSS data available.
CWE
- Insecure deserialization of untrusted data.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure deserialization of untrusted data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:43.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure deserialization of untrusted data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11666",
"datePublished": "2019-09-17T18:52:03.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11667 (GCVE-0-2019-11667)
Vulnerability from cvelistv5 – Published: 2019-09-17 17:13 – Updated: 2024-08-04 23:03
VLAI
Summary
Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data.
Severity
No CVSS data available.
CWE
- Unauthorized access to contact information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517346 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.41
Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access to contact information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:46.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62."
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access to contact information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517346",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11667",
"datePublished": "2019-09-17T17:13:56.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11669 (GCVE-0-2019-11669)
Vulnerability from cvelistv5 – Published: 2019-09-10 20:32 – Updated: 2024-08-04 23:03
VLAI
Summary
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.
Severity
No CVSS data available.
CWE
- Modifiable read only check box in FF
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517334 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.60p1
Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.60p1"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Modifiable read only check box in FF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:40.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.60p1"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Modifiable read only check box in FF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517334",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11669",
"datePublished": "2019-09-10T20:32:26.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11668 (GCVE-0-2019-11668)
Vulnerability from cvelistv5 – Published: 2019-09-10 20:25 – Updated: 2024-08-04 23:03
VLAI
Summary
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
Severity
No CVSS data available.
CWE
- HTTP cookie
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517335 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Service Manager, Service Manager – Chat Service. Server Manager – Chat Service. |
Affected:
Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager, Service Manager \u2013 Chat Service. Server Manager \u2013 Chat Service.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP cookie",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager, Service Manager \u2013 Chat Service. Server Manager \u2013 Chat Service.",
"version": {
"version_data": [
{
"version_value": "Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP cookie"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517335",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11668",
"datePublished": "2019-09-10T20:25:45.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11646 (GCVE-0-2019-11646)
Vulnerability from cvelistv5 – Published: 2019-06-03 16:47 – Updated: 2024-08-04 23:03
VLAI
Summary
Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information.
Severity
No CVSS data available.
CWE
- Remote unauthorized command execution and unauthorized disclosure of information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03452977 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Micro Focus Service Manager |
Affected:
9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus Service Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote unauthorized command execution and unauthorized disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:55.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote unauthorized command execution and unauthorized disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03452977",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11646",
"datePublished": "2019-06-03T16:47:36.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18591 (GCVE-0-2018-18591)
Vulnerability from cvelistv5 – Published: 2018-11-13 13:00 – Updated: 2024-09-17 01:56
VLAI
Title
MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
Summary
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.
Severity
6.8 (Medium)
CWE
- Unauthorized Disclosure of Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/document/… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Micro Focus Service Manager |
Affected:
9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51
|
Date Public
2018-11-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:16:00.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51"
}
]
}
],
"datePublic": "2018-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data."
}
],
"exploits": [
{
"lang": "en",
"value": "Unauthorized Disclosure of Data"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized Disclosure of Data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-11-12T17:00:00.000Z",
"ID": "CVE-2018-18591",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Unauthorized Disclosure of Data"
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized Disclosure of Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-18591",
"datePublished": "2018-11-13T13:00:00.000Z",
"dateReserved": "2018-10-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:56:18.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11845 (GCVE-0-2020-11845)
Vulnerability from nvd – Published: 2020-05-19 14:05 – Updated: 2024-08-04 11:41
VLAI
Summary
Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML.
Severity
No CVSS data available.
CWE
- Cross Site Scripting.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03640285 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Service Manager. |
Affected:
9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:41:59.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:39.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager.",
"version": {
"version_data": [
{
"version_value": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03640285",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03640285"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11845",
"datePublished": "2020-05-19T14:05:21.000Z",
"dateReserved": "2020-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:41:59.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9518 (GCVE-0-2020-9518)
Vulnerability from nvd – Published: 2020-03-16 13:01 – Updated: 2024-08-04 10:34
VLAI
Summary
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
Severity
No CVSS data available.
CWE
- Login filter can access configuration files
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03607792 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager (Web Tier). |
Affected:
9.50, 9.51, 9.52, 9.60, 9.61, 9.62
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:39.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager (Web Tier).",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Login filter can access configuration files",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T13:01:28.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager (Web Tier).",
"version": {
"version_data": [
{
"version_value": "9.50, 9.51, 9.52, 9.60, 9.61, 9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Login filter can access configuration files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03607792",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9518",
"datePublished": "2020-03-16T13:01:28.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:39.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9519 (GCVE-0-2020-9519)
Vulnerability from nvd – Published: 2020-03-16 13:00 – Updated: 2024-08-04 10:34
VLAI
Summary
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.
Severity
No CVSS data available.
CWE
- HTTP methods reveled in Web services.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03607789 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager (Server). |
Affected:
9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager (Server).",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP methods reveled in Web services.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T13:00:11.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager (Server).",
"version": {
"version_data": [
{
"version_value": "9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP methods reveled in Web services."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03607789",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9519",
"datePublished": "2020-03-16T13:00:11.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9517 (GCVE-0-2020-9517)
Vulnerability from nvd – Published: 2020-03-09 15:54 – Updated: 2024-08-04 10:34
VLAI
Summary
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Severity
No CVSS data available.
CWE
- Improper restriction of rendered UI layers or frames
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03604692 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus International | Service Manager |
Affected:
9.50, 9.60
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "9.50, 9.60"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper restriction of rendered UI layers or frames",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:03.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-9517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.50, 9.60"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper restriction of rendered UI layers or frames"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03604692",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03604692"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-9517",
"datePublished": "2020-03-09T15:54:33.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11662 (GCVE-0-2019-11662)
Vulnerability from nvd – Published: 2019-09-18 21:55 – Updated: 2024-08-04 23:03
VLAI
Summary
Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message.
Severity
No CVSS data available.
CWE
- Class and method names in error message.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Class and method names in error message.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:40.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Class and method names in error message."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11662",
"datePublished": "2019-09-18T21:55:49.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11661 (GCVE-0-2019-11661)
Vulnerability from nvd – Published: 2019-09-18 21:50 – Updated: 2024-08-04 23:03
VLAI
Summary
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.
Severity
No CVSS data available.
CWE
- Allow changes to some table by non-SysAdmin
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Allow changes to some table by non-SysAdmin",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:37.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Allow changes to some table by non-SysAdmin"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11661",
"datePublished": "2019-09-18T21:50:05.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11664 (GCVE-0-2019-11664)
Vulnerability from nvd – Published: 2019-09-18 21:35 – Updated: 2024-08-04 23:03
VLAI
Summary
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Clear text password in browser
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Clear text password in browser",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:49.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Clear text password in browser"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11664",
"datePublished": "2019-09-18T21:35:55.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11663 (GCVE-0-2019-11663)
Vulnerability from nvd – Published: 2019-09-18 21:29 – Updated: 2024-08-04 23:03
VLAI
Summary
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Clear text credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Clear text credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:08.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Clear text credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11663",
"datePublished": "2019-09-18T21:29:59.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11665 (GCVE-0-2019-11665)
Vulnerability from nvd – Published: 2019-09-17 19:01 – Updated: 2024-08-04 23:03
VLAI
Summary
Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
Severity
No CVSS data available.
CWE
- Data exposure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Data exposure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:50.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11665",
"datePublished": "2019-09-17T19:01:27.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11666 (GCVE-0-2019-11666)
Vulnerability from nvd – Published: 2019-09-17 18:52 – Updated: 2024-08-04 23:03
VLAI
Summary
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data.
Severity
No CVSS data available.
CWE
- Insecure deserialization of untrusted data.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03518316 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.30
Affected: 9.31 Affected: 9.32 Affected: 9.33 Affected: 9.34 Affected: 9.35 Affected: 9.40 Affected: 9.41 Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure deserialization of untrusted data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:43.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30"
},
{
"version_value": "9.31"
},
{
"version_value": "9.32"
},
{
"version_value": "9.33"
},
{
"version_value": "9.34"
},
{
"version_value": "9.35"
},
{
"version_value": "9.40"
},
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure deserialization of untrusted data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03518316",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03518316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11666",
"datePublished": "2019-09-17T18:52:03.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11667 (GCVE-0-2019-11667)
Vulnerability from nvd – Published: 2019-09-17 17:13 – Updated: 2024-08-04 23:03
VLAI
Summary
Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data.
Severity
No CVSS data available.
CWE
- Unauthorized access to contact information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517346 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.41
Affected: 9.50 Affected: 9.51 Affected: 9.52 Affected: 9.60 Affected: 9.61 Affected: 9.62. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access to contact information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:46.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.41"
},
{
"version_value": "9.50"
},
{
"version_value": "9.51"
},
{
"version_value": "9.52"
},
{
"version_value": "9.60"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62."
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access to contact information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517346",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11667",
"datePublished": "2019-09-17T17:13:56.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11669 (GCVE-0-2019-11669)
Vulnerability from nvd – Published: 2019-09-10 20:32 – Updated: 2024-08-04 23:03
VLAI
Summary
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.
Severity
No CVSS data available.
CWE
- Modifiable read only check box in FF
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517334 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Service Manager |
Affected:
9.60p1
Affected: 9.61 Affected: 9.62 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.60p1"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Modifiable read only check box in FF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:40.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager",
"version": {
"version_data": [
{
"version_value": "9.60p1"
},
{
"version_value": "9.61"
},
{
"version_value": "9.62"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Modifiable read only check box in FF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517334",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11669",
"datePublished": "2019-09-10T20:32:26.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:32.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11668 (GCVE-0-2019-11668)
Vulnerability from nvd – Published: 2019-09-10 20:25 – Updated: 2024-08-04 23:03
VLAI
Summary
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
Severity
No CVSS data available.
CWE
- HTTP cookie
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03517335 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Service Manager, Service Manager – Chat Service. Server Manager – Chat Service. |
Affected:
Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Service Manager, Service Manager \u2013 Chat Service. Server Manager \u2013 Chat Service.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP cookie",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Service Manager, Service Manager \u2013 Chat Service. Server Manager \u2013 Chat Service.",
"version": {
"version_data": [
{
"version_value": "Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP cookie"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03517335",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03517335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11668",
"datePublished": "2019-09-10T20:25:45.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11646 (GCVE-0-2019-11646)
Vulnerability from nvd – Published: 2019-06-03 16:47 – Updated: 2024-08-04 23:03
VLAI
Summary
Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information.
Severity
No CVSS data available.
CWE
- Remote unauthorized command execution and unauthorized disclosure of information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/doc/KM03452977 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Micro Focus Service Manager |
Affected:
9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus Service Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote unauthorized command execution and unauthorized disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:55.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote unauthorized command execution and unauthorized disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03452977",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03452977"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11646",
"datePublished": "2019-06-03T16:47:36.000Z",
"dateReserved": "2019-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:03:31.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18591 (GCVE-0-2018-18591)
Vulnerability from nvd – Published: 2018-11-13 13:00 – Updated: 2024-09-17 01:56
VLAI
Title
MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
Summary
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.
Severity
6.8 (Medium)
CWE
- Unauthorized Disclosure of Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://softwaresupport.softwaregrp.com/document/… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Micro Focus | Micro Focus Service Manager |
Affected:
9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51
|
Date Public
2018-11-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:16:00.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus Service Manager",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51"
}
]
}
],
"datePublic": "2018-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data."
}
],
"exploits": [
{
"lang": "en",
"value": "Unauthorized Disclosure of Data"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized Disclosure of Data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-11-12T17:00:00.000Z",
"ID": "CVE-2018-18591",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus Service Manager",
"version": {
"version_data": [
{
"version_value": "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Unauthorized Disclosure of Data"
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized Disclosure of Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-18591",
"datePublished": "2018-11-13T13:00:00.000Z",
"dateReserved": "2018-10-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:56:18.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}