CVE-2019-11651

EPSS 0.24%
Veröffentlicht 02.10.2019 21:15:10
Zuletzt bearbeitet 21.11.2024 04:21:31
Quelle security@opentext.com
Teams Watchlist Login
Unerledigt Login

Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microfocus ≫ Enterprise Developer Version3.0 Update-

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_1

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_10

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_11

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_12

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_13

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_14

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_15

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_16

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_17

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_18

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_19

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_2

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_3

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_4

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_5

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_6

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_7

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_8

Microfocus ≫ Enterprise Developer Version3.0 Updatepatch_9

Microfocus ≫ Enterprise Developer Version4.0 Update-

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_1

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_10

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_11

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_2

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_3

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_4

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_5

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_6

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_7

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_8

Microfocus ≫ Enterprise Developer Version4.0 Updatepatch_9

Microfocus ≫ Enterprise Developer Version5.0 Update-

Microfocus ≫ Enterprise Developer Version5.0 Updatepatch_1

Microfocus ≫ Enterprise Server Version3.0 Update-

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_1

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_10

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_11

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_12

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_13

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_14

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_15

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_16

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_17

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_18

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_19

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_2

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_3

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_4

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_5

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_6

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_7

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_8

Microfocus ≫ Enterprise Server Version3.0 Updatepatch_9

Microfocus ≫ Enterprise Server Version4.0 Update-

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_1

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_10

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_11

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_2

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_3

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_4

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_5

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_6

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_7

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_8

Microfocus ≫ Enterprise Server Version4.0 Updatepatch_9

Microfocus ≫ Enterprise Server Version5.0 Update-

Microfocus ≫ Enterprise Server Version5.0 Updatepatch_1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.445

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://softwaresupport.softwaregrp.com/doc/KM03532232

https://nvd.nist.gov/vuln/detail/CVE-2019-11651

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-11651

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-11651

EUVD