Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Micro Focus — Vulnerabilities & Security Advisories 127

Browse all 127 CVE security advisories affecting Micro Focus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Micro Focus, now part of OpenText, primarily delivers enterprise software for IT operations, application lifecycle management, and security automation. Its portfolio historically includes complex legacy systems, resulting in a significant accumulation of vulnerabilities, currently totaling 127 recorded CVEs. Common flaw categories include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and outdated cryptographic implementations within its legacy codebases. Notable security characteristics involve the complexity of integrating disparate tools, which frequently creates attack surface expansions during updates. While no single catastrophic breach defines the company’s public history, the sheer volume of disclosed vulnerabilities highlights challenges in maintaining secure code quality across its extensive, aging software suite. This trend underscores the risks associated with maintaining large, monolithic enterprise applications without rigorous, continuous security refactoring.

Top products by Micro Focus: Service Manager Solutions Business Manager NetIQ Access Manager Micro Focus Enterprise Developer, Micro Focus Enterprise Server ArcSight Management Center Solutions Business Manager 11.4 ArcSight Logger Solutions Business Manager (SBM) Dimensions CM HP ArcSight ESM Filr Micro Focus NetIQ Self Service Password Reset. Network Operations Management Ultimate NetIQ eDirectory 9.1 SP2 Content Manager Network Operations Management (NOM) Suite CDF Secure Messaging Gateway Micro Focus ArcSight Logger Micro Focus VisiBroker Project and Portfolio Management Center Fortify Software Security Center (SSC) Verastream Host Integrator Self Service Password Reset (SSPR) NetIQ Advanced Authentication Framework Micro Focus Fortify Software Security Center Server Application Performance Management Arcsight Security Management Center Micro Focus Operations Bridge Manager Micro Focus Filr Micro Focus GroupWise Web
CVE IDTitleCVSSSeverityPublished
CVE-2020-25835 Micro Focus ArcSight Management Center Remote Vulnerability — ArcSight Management Center 5.9 Medium2023-12-09
CVE-2023-32265 Mitigations and availability of updates relating to security vulnerability in ESCWA component CVE-2023-32265. — Enterprise Server 7.1 High2023-07-20
CVE-2023-32263 Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 — Dimensions CM 2.6 Low2023-07-19
CVE-2023-32262 Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 — Dimensions CM 4.3 Medium2023-07-19
CVE-2023-32261 Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 — Dimensions CM 4.2 Medium2023-07-19
CVE-2022-38758 XSS vulnerabilities in iManager — NetIQ iManagerCWE-79 7.2 High2023-01-25
CVE-2022-26329 File existence disclosue vulnerability in IDM plugin — NetIQ Identity ManagerCWE-538 1.8 Low2023-01-24
CVE-2022-38757 CVE-2022-38757 ZENworks — ZENworks Configuration Management (ZCM)CWE-269 7.2 High2022-12-23
CVE-2022-38756 CVE-2022-38756 vulnerability in GW Web prior to 18.4.2 — Micro Focus GroupWise Web 4.3 Medium2022-12-16
CVE-2022-38754 CVE-2022-38754 - Micro Focus Operations Bridge Manager and OpsBridge Containerized - Cross Site Scripting (XSS) — Micro Focus Operations Bridge ManagerCWE-79 8.0 High2022-12-08
CVE-2022-38755 Filr Remote unauthenticated user enumeration for versions prior to 4.3.1.1 — Micro Focus Filr 5.3 Medium2022-11-21
CVE-2022-26331 Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS). — Micro Focus ArcSight Logger 6.1 Medium2022-08-31
CVE-2022-26330 Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure. — Micro Focus ArcSight Logger 6.5 Medium2022-08-31
CVE-2022-26326 Potential open redirection vulnerability in NetIQ Access Manager versions prior to version 5.0.2 — NetIQ Access ManagerCWE-601 4.0 Medium2022-05-02
CVE-2022-26325 Cross Site Scripting vulnerability in NetIQ Access Manager versions prior to version 5.0.2 — NetIQ Access ManagerCWE-79 2.9 Low2022-05-02
CVE-2021-22526 Open Redirection vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access ManagerCWE-601 4.9 Medium2021-09-13
CVE-2021-22524 Denial of service vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access ManagerCWE-91 5.4 Medium2021-09-13
CVE-2021-22527 Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access ManagerCWE-200 6.0 Medium2021-09-13
CVE-2021-22528 Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1 — NetIQ Access ManagerCWE-79 8.0 High2021-09-13
CVE-2021-22515 Multi-Factor Authentication (MFA) downgrade exposure in NetIQ Advanced Authentication Server — NetIQ Advanced Authentication 4.8 Medium2021-07-12
CVE-2021-22497 Advanced Authentication Improper Session Management — Advanced Authentication 3.8 Low2021-04-12
CVE-2019-18943 XML External Entity processing — Solutions Business ManagerCWE-611 6.1 Medium2021-02-26
CVE-2019-18942 Stored cross site scripting — Solutions Business ManagerCWE-79 5.5 Medium2021-02-26
CVE-2019-18944 Micro Focus Solutions Business Manager 跨站脚本漏洞 — Solutions Business ManagerCWE-80 4.9 Medium2021-02-26
CVE-2019-18945 privilege escalation — Solutions Business ManagerCWE-264 7.3 High2021-02-26
CVE-2019-18947 information disclosure — Solutions Business ManagerCWE-200 3.5 Low2021-02-26
CVE-2019-18946 Session fixation — Solutions Business ManagerCWE-384 4.8 Medium2021-02-26
CVE-2020-25833 Micro Focus IDOL 跨站脚本漏洞 — IDOL 4.8 -2020-11-17
CVE-2020-25832 Micro Focus Filr 跨站脚本漏洞 — Filr 5.4 -2020-11-17
CVE-2020-11851 Micro Focus ArcSight Logger 代码注入漏洞 — ArcSight Logger 8.8 -2020-11-17

This page lists every published CVE security advisory associated with Micro Focus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.