Skip to main content

Solutions Business Manager

6 CVEs product

Monthly

CVE-2019-3477 MEDIUM This Month

Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Solutions Business Manager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-7682 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2018-7683 HIGH This Week

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-7681 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-7680 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-7679 CRITICAL Act Now

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Solutions Business Manager
NVD
CVSS 3.0
9.8
EPSS
2.3%
EPSS 1% CVSS 6.1
MEDIUM This Month

Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Solutions Business Manager
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Solutions Business Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy