Microfocus Solutions Business Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Microfocus Solutions Business Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2018-7679 — CVSS 9.8 (critical): Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories…
CVE-2018-19645 — CVSS 9.8 (critical): An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
CVE-2018-7683 — CVSS 7.5 (high): Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.
CVE-2019-18945 — CVSS 7.3 (high): Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVE-2018-7682 — CVSS 6.5 (medium): Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
CVE-2018-7680 — CVSS 6.1 (medium): Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values.
CVE-2019-18943 — CVSS 6.1 (medium): Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain…
CVE-2018-19641 — CVSS 6.1 (medium): Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM))…
CVE-2019-18942 — CVSS 5.5 (medium): Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored…
CVE-2018-19642 — CVSS 5.1 (medium): Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
CVE-2018-19644 — CVSS 5.0 (medium): Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior…
CVE-2019-18944 — CVSS 4.9 (medium): Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVE-2019-18946 — CVSS 4.8 (medium): Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
CVE-2018-7681 — CVSS 4.8 (medium): Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the…
CVE-2018-19643 — CVSS 4.7 (medium): Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
CVE-2019-18947 — CVSS 3.5 (low): Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.