Lucene search

MicrofocusCVELIST:CVE-2017-14362

HistoryDec 13, 2017 - 1:00 a.m.

CVE-2017-14362 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities

2017-12-1301:00:00

microfocus

www.cve.org

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

26.3%

JSON

Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack.

CNA Affected

[
  {
    "product": "Project and Portfolio Management Center",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "9.32"
      }
    ]
  }
]

References

www.securitytracker.com/id/1040088

softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03014426

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

26.3%

JSON

Related for CVELIST:CVE-2017-14362