Microfocus Enterprise Developer — known CVE vulnerabilities
Every CVE whose affected-product data names Microfocus Enterprise Developer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2023-4501 — CVSS 9.8 (critical): User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise…
CVE-2017-7420 — CVSS 9.8 (critical): An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer…
CVE-2017-5187 — CVSS 8.8 (high): A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus…
CVE-2017-7423 — CVSS 8.8 (high): A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3…
CVE-2020-9523 — CVSS 8.8 (high): Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior…
CVE-2018-12469 — CVSS 7.5 (high): Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in…
CVE-2023-32265 — CVSS 7.1 (high): A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in…
CVE-2017-7424 — CVSS 6.5 (medium): A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before…
CVE-2017-7421 — CVSS 6.1 (medium): Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI)…
CVE-2019-11651 — CVSS 6.1 (medium): Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0…
CVE-2017-7422 — CVSS 5.4 (medium): Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise…
CVE-2020-9524 — CVSS 5.4 (medium): Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0…