Lucene search
K
MicrofocusSolutions Business Manager

17 matches found

CVE
CVE
added 2021/02/26 3:7 a.m.93 views

CVE-2019-18947

Micro Focus Solutions Business Manager (SBM) Application Repository prior to version 11.7.1 is vulnerable to information disclosure. The issue arises from configuration and operational errors within a networked SBM deployment, allowing an unauthenticated or limited-privilege attacker to obtain se...

3.5CVSS3.6AI score0.00329EPSS
CVE
CVE
added 2021/02/26 3:12 a.m.82 views

CVE-2019-18945

CVE-2019-18945 affects Micro Focus Solutions Business Manager Application Repository. A privilege escalation vulnerability is present in SBM/Serena SBM versions prior to 11.7.1. Exploitation details are not provided in the supplied documents, but multiple sources confirm the issue, with an explic...

8CVSS7.7AI score0.00312EPSS
CVE
CVE
added 2021/02/26 3:32 a.m.80 views

CVE-2019-18943

CVE-2019-18943 affects Micro Focus Solutions Business Manager (SBM) prior to version 11.7.1, where XML External Entity Processing (XXE) on certain operations creates the vulnerability. Affected product/versions: SBM up to 11.7.0. Root cause: XXE vulnerability in SBM’s XML processing. Impact detai...

8CVSS6.9AI score0.00347EPSS
CVE
CVE
added 2021/02/26 3:4 a.m.79 views

CVE-2019-18946

CVE-2019-18946 concerns Micro Focus Solutions Business Manager (SBM) Application Repository versions prior to 11.7.1 , where a session fixation vulnerability is present. The connected sources corroborate the issue is tied to SBM prior to the 11.7.1 release. Root cause details are limited in the p...

4.8CVSS5.1AI score0.00255EPSS
CVE
CVE
added 2021/02/26 3:28 a.m.77 views

CVE-2019-18944

The CVE-2019-18944 affects Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 and is described as a reflected XSS vulnerability. Connected sources corroborate the issue as a cross‑site scripting flaw in SBM prior to 11.7.1. The exact exploit details and affecte...

4.9CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2021/02/26 3:30 a.m.72 views

CVE-2019-18942

Micro Focus Solutions Business Manager (SBM) before version 11.7.1 is vulnerable to stored XSS because the web application reflects stored input without proper encoding. Affected product: SBM (Serena/Micro Focus SBM). Root cause: lack of input encoding leading to client-side script execution. Imp...

5.5CVSS5.1AI score0.00305EPSS
CVE
CVE
added 2019/06/07 4:17 p.m.59 views

CVE-2019-3477

CVE-2019-3477 affects Micro Focus Solution/ SBM (Serena Solutions Business Manager) versions prior to 11.4.2, with an open redirect vulnerability. The issue is attributed to improper input handling (input validation error) in SBM prior to 11.4.2, enabling redirection to attacker-controlled sites....

6.1CVSS6.2AI score0.00648EPSS
CVE
CVE
added 2019/03/27 5:13 p.m.50 views

CVE-2018-19643

The CVE describes an information leakage vulnerability in Micro Focus Solutions Business Manager (SBM, formerly Serena SBM) versions prior to 11.5. Affected product: SBM. Issue: information disclosure vulnerability (no root-cause details provided in the sources). Impact: potential exposure of sen...

7.5CVSS5.9AI score0.00797EPSS
CVE
CVE
added 2019/03/27 4:42 p.m.49 views

CVE-2018-19641

The CVE-2018-19641 entry concerns Micro Focus Solutions Business Manager (SBM) before version 11.5, with an unauthenticated remote code execution vulnerability. The connected records (NVD, CNVD, CVE list) corroborate the affected product and version range but do not provide detailed root-cause, e...

9.8CVSS8.3AI score0.01499EPSS
CVE
CVE
added 2018/06/21 7:0 p.m.48 views

CVE-2018-7680

The CVE-2018-7680 entry concerns Micro Focus Solutions Business Manager versions prior to 11.4, where the product can reflect back HTTP header values. This is supported by NVD data (reflect back HTTP header values) and CNVD/PRION/other entries referencing SBM pre-11.4. The connected documents do ...

6.1CVSS6.2AI score0.00647EPSS
CVE
CVE
added 2019/02/12 8:0 p.m.47 views

CVE-2018-19645

CVE-2018-19645 is an authentication bypass vulnerability in Solutions Business Manager (SBM, formerly Serena SBM) affecting versions prior to 11.5. CVSSv3 base score 9.8 (CRITICAL); attack vector NETWORK, no privileges required, no user interaction. Root cause details are not specified beyond aut...

9.8CVSS9.5AI score0.01416EPSS
CVE
CVE
added 2019/03/27 5:7 p.m.46 views

CVE-2018-19644

CVE-2018-19644 affects Micro Focus Solutions Business Manager (SBM, formerly Serena SBM) and SBM versions prior to 11.5. The connected documents describe a reflected cross-site scripting vulnerability that allows a remote attacker to inject arbitrary web script or HTML into SBM’s web context.

6.1CVSS5.9AI score0.00512EPSS
CVE
CVE
added 2018/06/21 7:0 p.m.43 views

CVE-2018-7681

Micro Focus Solutions Business Manager (SBM) prior to version 11.4 is affected by a cross-site scripting (XSS) vulnerability that allows JavaScript to be embedded in URLs placed in the Favorites folder. The issue can impact other users when an administrator with sufficient privileges interacts wi...

4.8CVSS5.1AI score0.00512EPSS
CVE
CVE
added 2018/06/21 7:0 p.m.41 views

CVE-2018-7679

CVE-2018-7679 is a remote code execution vulnerability in Micro Focus SBM. Connected CNVD/NVD entries describe SBM versions prior to 11.4 where ASP.NET is configured with execute permission on virtual directories and user avatar images are not validated, enabling an attacker to run arbitrary code...

9.8CVSS9.6AI score0.02314EPSS
CVE
CVE
added 2018/06/21 7:0 p.m.38 views

CVE-2018-7683

CVE-2018-7683 affects Micro Focus Solutions Business Manager (SBM) prior to version 11.4, with an information disclosure exposing sensitive data via server log files. Multiple connected sources corroborate the same impact, referencing SBM before 11.4. The root cause, vulnerable component details,...

7.5CVSS7.2AI score0.01111EPSS
CVE
CVE
added 2019/03/27 4:55 p.m.37 views

CVE-2018-19642

Technical details about CVE-2018-19642 are not publicly available in the provided connected documents. Monitoring for updates is recommended; current documents only confirm a Denial of Service issue in Micro Focus SBM prior to 11.5.

7.5CVSS6.2AI score0.00697EPSS
CVE
CVE
added 2018/06/22 10:0 p.m.37 views

CVE-2018-7682

Micro Focus Solutions Business Manager (SBM) prior to version 11.4 is affected by a cross-domain call vulnerability affecting SBM RESTful services. The CVE entry notes that an attacker could invoke SBM RESTful endpoints across domains, implying potential information exposure or unintended access ...

6.5CVSS6.3AI score0.0084EPSS