52 matches found
CVE-2017-7423
A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...
CVE-2017-7422
The CVE-2017-7422 entry concerns Micro Focus Enterprise Developer and Enterprise Server (ESM/ESMAN) with the esfadmingui component. It documents reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui affecting version 2.3, including 2.3 Update 1 before Hotfix 8 and...
CVE-2017-5187
A Cross-Site Request Forgery CWE-352 vulnerability in Directory Server aka Enterprise Server Administration web UI in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to...
CVE-2017-7423
The CVE-2017-7423 issue affects Micro Focus Enterprise Developer and Enterprise Server (2.3, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9) where the esfadmingui component is vulnerable to Cross-Site Request Forgery (CSRF, CWE-352). An unauthenticated remote attacker can...
CVE-2017-5187
CVE-2017-5187 describes a Cross-Site Request Forgery (CSRF) in Directory Server (Enterprise Server Administration web UI) of Micro Focus Enterprise Developer and Enterprise Server. Affected versions are 2.3 and earlier, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9. The ...
CVE-2017-7421
Reflected and stored Cross-Site Scripting XSS, CWE-79 vulnerabilities in Directory Server aka Enterprise Server Administration web UI and ESMAC aka Enterprise Server Monitor and Control in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2....
CVE-2017-7420
CVE-2017-7420 is a vulnerability in Micro Focus ESMAC (Enterprise Server Monitor and Control) used by Micro Focus Enterprise Developer and Enterprise Server up to 2.3 and earlier, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9. The issue is an authentication bypass (CWE-2...
CVE-2017-7424
CVE-2017-7424 is a Path Traversal (CWE-22) vulnerability in esfadmingui of Micro Focus Enterprise Developer and Enterprise Server . It affects version 2.3, specifically 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9 . The flaw enables remote authenticated users to download arbitrar...
CVE-2017-7421
CVE-2017-7421 describes Reflected and stored XSS (CWE-79) in Micro Focus Enterprise Developer/Enterprise Server, affecting Directory Server (Enterprise Server Administration web UI) and ESMAC. Impacted products: Micro Focus Enterprise Developer and Enterprise Server ≤ 2.3, including 2.3 Update 1 ...
Error: "Untrusted Enterprise Developer" When Launching Secure Apps on iOS
Users who have upgraded their Apple devices to iOS 9 are unable to launch Secure Apps. The apps appear to be greyed out. When the user clicks on Secure Apps, the following error message is displayed: “Untrusted Enterprise Developer” Users with older iOS versions are prompted to trust the...
(RHSA-2015:1853) Low: Red Hat Enterprise Developer Toolset Version 2 Retirement Notice
In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 2 offering was retired on September 30, 2015, and support is no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security...
Hacking Team Couldn't Hack Your iPhone
More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to devel...