Service Manager Security Vulnerabilities and Issues — Service Manager CVE List

Lucene search

MicrofocusService Manager

16 matches found

cve•added 2019/09/18 10:15 p.m.•143 views

CVE-2019-11663

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.

6.5CVSS6.3AI score0.00102EPSS

cve•added 2019/09/18 10:15 p.m.•142 views

CVE-2019-11664

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.

6.5CVSS6.4AI score0.00102EPSS

cve•added 2019/09/18 10:15 p.m.•140 views

CVE-2019-11662

Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message.

4.3CVSS4.4AI score0.00199EPSS

cve•added 2019/09/18 10:15 p.m.•137 views

CVE-2019-11661

Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.

8.3CVSS8AI score0.00446EPSS

cve•added 2019/09/10 9:15 p.m.•95 views

CVE-2019-11668

HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.5...

7.5CVSS7.5AI score0.00316EPSS

cve•added 2019/09/10 9:15 p.m.•95 views

CVE-2019-11669

Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.

7.5CVSS7.3AI score0.00237EPSS

cve•added 2019/09/17 8:15 p.m.•93 views

CVE-2019-11665

Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.

7.5CVSS7.3AI score0.00316EPSS

cve•added 2019/09/17 7:15 p.m.•82 views

CVE-2019-11666

Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data.

8.8CVSS8.5AI score0.00242EPSS

cve•added 2019/09/17 6:15 p.m.•62 views

CVE-2019-11667

Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data.

7.5CVSS7.2AI score0.00377EPSS

cve•added 2019/06/03 5:29 p.m.•52 views

CVE-2019-11646

Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of...

9CVSS8.5AI score0.00566EPSS

cve•added 2020/03/09 4:15 p.m.•50 views

CVE-2020-9517

There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.

5.4CVSS5.5AI score0.00155EPSS

cve•added 2018/11/13 1:29 p.m.•42 views

CVE-2018-18591

A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.

6.8CVSS6.3AI score0.00215EPSS

cve•added 2018/05/22 6:29 p.m.•42 views

CVE-2018-6494

Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data.

6.4CVSS6.2AI score0.00117EPSS

cve•added 2020/03/16 2:15 p.m.•36 views

CVE-2020-9518

Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.

5.3CVSS5.2AI score0.00425EPSS

cve•added 2020/05/19 3:15 p.m.•34 views

CVE-2020-11845

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML.

6.1CVSS6.1AI score0.00213EPSS

cve•added 2020/03/16 1:15 p.m.•31 views

CVE-2020-9519

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.

5.3CVSS5.2AI score0.00356EPSS