Microfocus ≫ Solutions Business Manager

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

9.8

CVE-2018-19641

EPSS 0.63%
Published 27.03.2019 17:29:02
Last modified 21.11.2024 03:58:20

Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

9.8

CVE-2018-19645

EPSS 0.43%
Published 12.02.2019 20:29:00
Last modified 21.11.2024 03:58:20

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

6.5

CVE-2018-7682

EPSS 0.27%
Published 22.06.2018 22:29:00
Last modified 21.11.2024 04:12:31

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.

9.8

CVE-2018-7679

EPSS 1.78%
Published 21.06.2018 19:29:00
Last modified 21.11.2024 04:12:31

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

7.5

CVE-2018-7683

EPSS 0.32%
Published 21.06.2018 19:29:00
Last modified 21.11.2024 04:12:32

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.

4.8

CVE-2018-7681

EPSS 0.21%
Published 21.06.2018 19:29:00
Last modified 21.11.2024 04:12:31

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system.

6.1

CVE-2018-7680

EPSS 0.24%
Published 21.06.2018 19:29:00
Last modified 21.11.2024 04:12:31

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values.

<12