CVE-2023-32265
CVE-2023-32265 is a high-severity vulnerability in Microfocus Cobol Server with a CVSS 3.x base score of 7.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 3.x base score 7.1)
- EPSS exploit prediction: 0% (30th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Microfocus Cobol Server
- Published:
- Last modified:
Description
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability. As described in the hardening guide in the product documentation, other mitigations including restricting network access to ESCWA and restricting users’ permissions in the Micro Focus Directory Server also reduce the exposure to this issue. Given the right conditions this vulnerability could be exploited to expose a service account password. The account corresponding to the exposed credentials usually has limited privileges and, in many cases would only be useful for extracting details of other user accounts and similar information.
Frequently asked questions
- What is CVE-2023-32265?
- A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability. As described in the hardening guide in the product documentation, other mitigations including restricting network access to ESCWA and restricting users’ permissions in the Micro Focus Directory Server also reduce the exposure to this issue. Given the right conditions this vulnerability could be exploited to expose a service account password. The account corresponding to the exposed credentials usually has limited privileges and, in many cases would only be useful for extracting details of other user accounts and similar information.
- How severe is CVE-2023-32265?
- CVE-2023-32265 has a CVSS 3.x base score of 7.1, rated high severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is high, integrity low, and availability none.
- Is CVE-2023-32265 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (30th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2023-32265?
- CVE-2023-32265 primarily affects Microfocus Cobol Server. In total, 15 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2023-32265?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2023-32265 published?
- CVE-2023-32265 was published on 2023-07-20 and last updated on 2026-06-17.
References
Affected products (15)
- cpe:2.3:a:microfocus:cobol_server:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:cobol_server:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:cobol_server:8.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_developer:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_developer:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_developer:8.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_server:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_server:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_server:8.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_test_server:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_test_server:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:enterprise_test_server:8.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:visual_cobol:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:visual_cobol:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:visual_cobol:8.0:-:*:*:*:*:*:*
More vulnerabilities in Microfocus Cobol Server
- CVE-2023-4501 — Critical (CVSS 9.8): User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL…