Lucene search
K
MicrofocusEnterprise Developer

12 matches found

CVE
CVE
added 2020/04/17 2:18 p.m.79 views

CVE-2020-9523

The CVE-2020-9523 issue affects Micro Focus Enterprise Server and Micro Focus Enterprise Developer (MFDS context) where credentials are insufficiently protected. Affected: all versions prior to 4.0 Patch Update 16 and 5.0 Patch Update 6. Root cause: failure to adequately protect hashed credential...

8.8CVSS8.6AI score0.00861EPSS
CVE
CVE
added 2020/05/18 1:19 p.m.66 views

CVE-2020-9524

Micro Focus Enterprise Server and Enterprise Developer (all versions prior to 5.0 Patch Update 8) are affected by a Cross-Site Scripting (XSS) vulnerability in the web application layer. The root cause is insufficient validation of client-side data, enabling both stored and reflected XSS scenario...

5.4CVSS5.3AI score0.0051EPSS
CVE
CVE
added 2023/07/20 1:1 p.m.55 views

CVE-2023-32265

Summary (CVE-2023-32265): The vulnerability affects the Enterprise Server Common Web Administration (ESCWA) component used across Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An authenticated ESCWA user could exploit conditions described in the ...

7.1CVSS6.5AI score0.00382EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.54 views

CVE-2017-7422

The CVE-2017-7422 entry concerns Micro Focus Enterprise Developer and Enterprise Server (ESM/ESMAN) with the esfadmingui component. It documents reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui affecting version 2.3, including 2.3 Update 1 before Hotfix 8 and...

5.4CVSS5.4AI score0.0097EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.51 views

CVE-2017-5187

CVE-2017-5187 describes a Cross-Site Request Forgery (CSRF) in Directory Server (Enterprise Server Administration web UI) of Micro Focus Enterprise Developer and Enterprise Server. Affected versions are 2.3 and earlier, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9. The ...

8.8CVSS8.6AI score0.00751EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.49 views

CVE-2017-7421

CVE-2017-7421 describes Reflected and stored XSS (CWE-79) in Micro Focus Enterprise Developer/Enterprise Server, affecting Directory Server (Enterprise Server Administration web UI) and ESMAC. Impacted products: Micro Focus Enterprise Developer and Enterprise Server ≤ 2.3, including 2.3 Update 1 ...

6.1CVSS6AI score0.01259EPSS
CVE
CVE
added 2023/09/12 6:5 p.m.49 views

CVE-2023-4501

OpenText (Micro Focus) Visual COBOL, COBOL Server, and Enterprise products (including Enterprise Developer/Enterprise Server) are affected. The issue: LDAP-based authentication can bypass and allow login with any valid username (and any password) or even an invalid username with any password for ...

9.8CVSS9.6AI score0.00621EPSS
CVE
CVE
added 2019/10/02 8:11 p.m.48 views

CVE-2019-11651

The CVE-2019-11651 entry concerns a Reflected XSS in Micro Focus Enterprise Developer and Enterprise Server . All versions prior to specific patch updates are affected (3.0 Patch Update 20, 4.0 Patch Update 12, 5.0 Patch Update 2). The vulnerability could be exploited to redirect users to a malic...

6.1CVSS5.9AI score0.00785EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.47 views

CVE-2017-7423

The CVE-2017-7423 issue affects Micro Focus Enterprise Developer and Enterprise Server (2.3, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9) where the esfadmingui component is vulnerable to Cross-Site Request Forgery (CSRF, CWE-352). An unauthenticated remote attacker can...

8.8CVSS8.5AI score0.00751EPSS
CVE
CVE
added 2018/10/12 1:0 p.m.46 views

CVE-2018-12469

Micro Focus Enterprise Developer and Enterprise Server are affected by CVE-2018-12469 due to incorrect handling of an invalid HTTP request parameter value in the Directory Server (Enterprise Server Administration web UI). Affects: 2.3 Update 2 and earlier; 3.0 before Patch Update 12; 4.0 before P...

7.5CVSS7.4AI score0.01054EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.45 views

CVE-2017-7420

CVE-2017-7420 is a vulnerability in Micro Focus ESMAC (Enterprise Server Monitor and Control) used by Micro Focus Enterprise Developer and Enterprise Server up to 2.3 and earlier, including 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9. The issue is an authentication bypass (CWE-2...

9.8CVSS9.2AI score0.02444EPSS
CVE
CVE
added 2017/08/21 3:0 p.m.44 views

CVE-2017-7424

CVE-2017-7424 is a Path Traversal (CWE-22) vulnerability in esfadmingui of Micro Focus Enterprise Developer and Enterprise Server . It affects version 2.3, specifically 2.3 Update 1 before Hotfix 8 and 2.3 Update 2 before Hotfix 9 . The flaw enables remote authenticated users to download arbitrar...

6.5CVSS6.2AI score0.01785EPSS