Microfocus Service Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Microfocus Service Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2019-11646 — CVSS 8.8 (high): Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32…
CVE-2019-11666 — CVSS 8.8 (high): Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41…
CVE-2019-11661 — CVSS 8.3 (high): Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41…
CVE-2019-11665 — CVSS 7.5 (high): Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61…
CVE-2019-11667 — CVSS 7.5 (high): Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The…
CVE-2019-11669 — CVSS 7.5 (high): Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow…
CVE-2018-18591 — CVSS 6.8 (medium): A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32…
CVE-2019-11664 — CVSS 6.5 (medium): Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51…
CVE-2019-11663 — CVSS 6.5 (medium): Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33…
CVE-2020-11845 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The…
CVE-2018-6494 — CVSS 5.4 (medium): Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51…
CVE-2020-9517 — CVSS 5.4 (medium): There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50…
CVE-2020-9518 — CVSS 5.3 (medium): Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52…
CVE-2020-9519 — CVSS 5.3 (medium): HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51…
CVE-2019-11662 — CVSS 4.3 (medium): Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41…