Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Micro Focus — Vulnerabilities & Security Advisories 127

Browse all 127 CVE security advisories affecting Micro Focus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Micro Focus, now part of OpenText, primarily delivers enterprise software for IT operations, application lifecycle management, and security automation. Its portfolio historically includes complex legacy systems, resulting in a significant accumulation of vulnerabilities, currently totaling 127 recorded CVEs. Common flaw categories include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and outdated cryptographic implementations within its legacy codebases. Notable security characteristics involve the complexity of integrating disparate tools, which frequently creates attack surface expansions during updates. While no single catastrophic breach defines the company’s public history, the sheer volume of disclosed vulnerabilities highlights challenges in maintaining secure code quality across its extensive, aging software suite. This trend underscores the risks associated with maintaining large, monolithic enterprise applications without rigorous, continuous security refactoring.

Top products by Micro Focus: Service Manager Solutions Business Manager NetIQ Access Manager Micro Focus Enterprise Developer, Micro Focus Enterprise Server ArcSight Management Center Solutions Business Manager 11.4 ArcSight Logger Solutions Business Manager (SBM) Dimensions CM HP ArcSight ESM Filr Micro Focus NetIQ Self Service Password Reset. Network Operations Management Ultimate NetIQ eDirectory 9.1 SP2 Content Manager Network Operations Management (NOM) Suite CDF Secure Messaging Gateway Micro Focus ArcSight Logger Micro Focus VisiBroker Project and Portfolio Management Center Fortify Software Security Center (SSC) Verastream Host Integrator Self Service Password Reset (SSPR) NetIQ Advanced Authentication Framework Micro Focus Fortify Software Security Center Server Application Performance Management Arcsight Security Management Center Micro Focus Operations Bridge Manager Micro Focus Filr Micro Focus GroupWise Web
CVE IDTitleCVSSSeverityPublished
CVE-2020-11860 Micro Focus ArcSight Logger 跨站脚本漏洞 — ArcSight Logger 6.1 -2020-11-17
CVE-2020-25834 Micro Focus ArcSight Logger 跨站脚本漏洞 — ArcSight Logger 6.1 -2020-11-17
CVE-2020-11858 Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products. — Operation Bridge (containerized) 7.8 High2020-10-27
CVE-2020-11854 Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products. — Application Performance Management 9.8 Critical2020-10-27
CVE-2020-11853 Arbitrary code execution vulnerability on multiple Micro Focus products — Operation Bridge Manager 8.8 High2020-10-22
CVE-2020-11844 Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products. — Hybrid Cloud ManagementCWE-863 10.0 Critical2020-05-29
CVE-2019-11662 Micro Focus Service Manager 安全漏洞 — Service Manager 4.3 -2019-09-18
CVE-2019-11661 Micro Focus Service Manager 安全漏洞 — Service Manager 8.3 -2019-09-18
CVE-2019-11664 Micro Focus Service Manager 安全漏洞 — Service Manager 7.5 -2019-09-18
CVE-2019-11663 Micro Focus Service Manager 安全漏洞 — Service Manager 6.5 -2019-09-18
CVE-2019-11665 Micro Focus Service Manager 信息泄露漏洞 — Service Manager 7.5 -2019-09-17
CVE-2019-11666 Micro Focus Service Manager 代码问题漏洞 — Service Manager 8.8 -2019-09-17
CVE-2019-11667 Micro Focus Service Manager 信息泄露漏洞 — Service Manager 6.5 -2019-09-17
CVE-2019-11669 Micro Focus Service Manager 安全漏洞 — Service Manager 6.5 -2019-09-10
CVE-2019-11658 Micro Focus Content Manager 信息泄露漏洞 — Content Manager 4.3 -2019-08-29
CVE-2019-11654 A path traversal vulnerability has been identified in Verastream Host Integrator — Verastream Host Integrator 7.5 -2019-08-23
CVE-2019-11652 Micro Focus Self Service Password Reset 授权问题漏洞 — Self Service Password Reset (SSPR) 9.8 -2019-08-14
CVE-2019-11653 Micro Focus Content Manager 访问控制错误漏洞 — Content Manager 6.5 -2019-08-07
CVE-2019-3486 ArcSight Security Management Center stored cross site script issue in version prior to 2.9.1 — Arcsight Security Management Center 6.1 -2019-07-25
CVE-2019-3485 ArcSight Logger stored cross site script issue in version prior to 6.7.1 — ArcSight Logger 5.4 -2019-07-24
CVE-2019-11650 Micro Focus NetIQ Advanced Authentication Framework 安全特征问题漏洞 — NetIQ Advanced Authentication Framework 5.9 -2019-07-10
CVE-2019-11648 Micro Focus NetIQ Self Service Password Reset Software 信息泄露漏洞 — Micro Focus NetIQ Self Service Password Reset. 7.5 -2019-06-24
CVE-2019-11647 Micro Focus NetIQ Self Service Password Reset Software 跨站脚本漏洞 — Micro Focus NetIQ Self Service Password Reset. 6.1 -2019-06-24
CVE-2019-11649 KM03461174 Micro Focus Fortify Software Security Center Server, CVE-2019-11649 — Micro Focus Fortify Software Security Center Server 5.4 -2019-06-19
CVE-2019-3477 Micro Focus Solutions Business Manager 输入验证错误漏洞 — Solutions Business Manager 6.1 -2019-06-07
CVE-2019-3493 Micro Focus Network Automation Software和Micro Focus Network Operations Management 代码注入漏洞 — Micro Focus Network Automation and Micro Focus Network Operations Management (NOM) 9.8 -2019-04-29
CVE-2019-3489 Micro Focus Content Manager Web Client组件安全漏洞 — Micro Focus Content Manager 9.1 -2019-04-01
CVE-2018-19643 Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5 — Solutions Business Manager (SBM) 7.5 -2019-03-27
CVE-2018-19644 Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5 — Solutions Business Manager (SBM) 6.1 -2019-03-27
CVE-2018-19642 Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5 — Solutions Business Manager (SBM) 7.5 -2019-03-27

This page lists every published CVE security advisory associated with Micro Focus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.