Lucene search

Solutions Business Manager Security Vulnerabilities

cve

CVE-2018-19641

Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

9.8CVSS

9.6AI Score

0.009EPSS

2019-03-27 05:29 PM

cve

CVE-2018-19642

Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

7.5CVSS

7.4AI Score

0.001EPSS

2019-03-27 05:29 PM

cve

CVE-2018-19643

Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

7.5CVSS

7.4AI Score

0.002EPSS

2019-03-27 06:29 PM

cve

CVE-2018-19644

Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

6.1CVSS

6.1AI Score

0.001EPSS

2019-03-27 06:29 PM

cve

CVE-2018-19645

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

9.8CVSS

9.3AI Score

0.003EPSS

2019-02-12 08:29 PM

cve

CVE-2018-7679

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

9.8CVSS

9.6AI Score

0.021EPSS

2018-06-21 07:29 PM

cve

CVE-2018-7680

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values.

6.1CVSS

6.2AI Score

0.001EPSS

2018-06-21 07:29 PM

cve

CVE-2018-7681

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system.

4.8CVSS

5.1AI Score

0.001EPSS

2018-06-21 07:29 PM

cve

CVE-2018-7682

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.

6.5CVSS

6.3AI Score

0.001EPSS

2018-06-22 10:29 PM

cve

CVE-2018-7683

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.

7.5CVSS

7.2AI Score

0.002EPSS

2018-06-21 07:29 PM

cve

CVE-2019-18942

Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.

5.5CVSS

5AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-18943

Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.

8CVSS

7.7AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-18944

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.

4.9CVSS

5.1AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-18945

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.

8CVSS

7.9AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-18946

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.

4.8CVSS

5.1AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-18947

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.

3.5CVSS

3.9AI Score

0.0004EPSS

2021-02-26 04:15 AM

cve

CVE-2019-3477

Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect.

6.1CVSS

6.2AI Score

0.001EPSS

2019-06-07 05:29 PM