Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Micro Focus — Vulnerabilities & Security Advisories 127

Browse all 127 CVE security advisories affecting Micro Focus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Micro Focus, now part of OpenText, primarily delivers enterprise software for IT operations, application lifecycle management, and security automation. Its portfolio historically includes complex legacy systems, resulting in a significant accumulation of vulnerabilities, currently totaling 127 recorded CVEs. Common flaw categories include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and outdated cryptographic implementations within its legacy codebases. Notable security characteristics involve the complexity of integrating disparate tools, which frequently creates attack surface expansions during updates. While no single catastrophic breach defines the company’s public history, the sheer volume of disclosed vulnerabilities highlights challenges in maintaining secure code quality across its extensive, aging software suite. This trend underscores the risks associated with maintaining large, monolithic enterprise applications without rigorous, continuous security refactoring.

Top products by Micro Focus: Service Manager Solutions Business Manager NetIQ Access Manager Micro Focus Enterprise Developer, Micro Focus Enterprise Server ArcSight Management Center Solutions Business Manager 11.4 ArcSight Logger Solutions Business Manager (SBM) Dimensions CM HP ArcSight ESM Filr Micro Focus NetIQ Self Service Password Reset. Network Operations Management Ultimate NetIQ eDirectory 9.1 SP2 Content Manager Network Operations Management (NOM) Suite CDF Secure Messaging Gateway Micro Focus ArcSight Logger Micro Focus VisiBroker Project and Portfolio Management Center Fortify Software Security Center (SSC) Verastream Host Integrator Self Service Password Reset (SSPR) NetIQ Advanced Authentication Framework Micro Focus Fortify Software Security Center Server Application Performance Management Arcsight Security Management Center Micro Focus Operations Bridge Manager Micro Focus Filr Micro Focus GroupWise Web
CVE IDTitleCVSSSeverityPublished
CVE-2018-19641 Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5 — Solutions Business Manager (SBM) 9.8 -2019-03-27
CVE-2019-3474 Path traversal vulnerability in Filr web application — FilrCWE-22 6.5 -2019-02-20
CVE-2019-3475 Local privilege escalation in Filr famtd — FilrCWE-264 7.8 -2019-02-20
CVE-2018-18593 MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities — UCMDB Configuration Management Service 7.5 -2018-12-31
CVE-2018-7690 MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access — Fortify Software Security Center (SSC) 6.5 -2018-12-13
CVE-2018-7691 MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access — Fortify Software Security Center (SSC) 6.5 -2018-12-13
CVE-2018-17949 Micro Focus NetIQ iManager 跨站脚本漏洞 — NetIQ iManager 3.1 SP2 6.1 -2018-12-12
CVE-2018-17950 Micro Focus NetIQ eDirectory 安全漏洞 — NetIQ eDirectory 9.1 SP2 7.5 -2018-12-12
CVE-2018-17952 Micro Focus NetIQ eDirectory 跨站脚本漏洞 — NetIQ eDirectory 9.1 SP2 6.1 -2018-12-12
CVE-2018-18591 MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data — Micro Focus Service Manager 6.5 -2018-11-13
CVE-2018-18590 MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution — Operation Bridge Containerized Suite 8.1 -2018-11-07
CVE-2018-18589 MFSBGN03827 rev.1 - Microfocus Real User Monitoring 9.4.0 BPRDownload Java Deserialization Vulnerability — Microfocus Real User Monitoring 8.8 -2018-10-23
CVE-2018-12469 Micro Focus Enterprise Developer and Enterprise Server 安全漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-476 7.5 -2018-10-12
CVE-2018-6502 MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability — ArcSight Management Center 6.1 -2018-09-20
CVE-2018-6503 MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability — ArcSight Management Center 9.1 -2018-09-20
CVE-2018-6504 MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability — ArcSight Management Center 8.8 -2018-09-20
CVE-2018-6505 MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability — ArcSight Management Center 7.5 -2018-09-20
CVE-2018-6500 MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability — ArcSight Management Center 7.5 -2018-09-20
CVE-2018-6498 Micro Focus Container Deployment Foundation (CDF), Remote Code Execution — Network Operations Management (NOM) Suite CDF 9.8 -2018-08-30
CVE-2018-6499 多款Micro Focus产品安全漏洞 — Network Operations Management (NOM) Suite CDF 9.8 -2018-08-30
CVE-2018-7686 Micro Focus NetIQ eDirectory 信息泄露漏洞 — eDirectory (ZDI) 7.5 -2018-08-09
CVE-2018-7692 Micro Focus NetIQ eDirectory 安全漏洞 — NetIQ eDirectory Versions prior to 9.1.1 HF1 6.1 -2018-08-09
CVE-2018-12468 Arbitrary File Upload in GroupWise Administration Console — GroupWise 7.2 -2018-08-01
CVE-2018-12463 MFSBGN03811 rev.1 - Fortify Software Security Center (SSC), Multiple vulnerabilities — Fortify Software Security Center 9.8 -2018-07-12
CVE-2018-12464 Unauthenticated SQL injection in Micro Focus Secure Messaging Gateway — Secure Messaging GatewayCWE-89 9.8 -2018-06-29
CVE-2018-12465 Remote Code Execution in Micro Focus Secure Messaging Gateway — Secure Messaging GatewayCWE-77 7.2 -2018-06-29
CVE-2018-7682 Micro Focus Solutions Business Manager 安全漏洞 — Solutions Business Manager 11.4 6.5 -2018-06-22
CVE-2018-7679 Micro Focus Solutions Business Manager 安全漏洞 — Solutions Business Manager 11.4 9.8 -2018-06-21
CVE-2018-7680 Micro Focus Solutions Business Manager 跨站脚本漏洞 — Solutions Business Manager 11.4 5.2 -2018-06-21
CVE-2018-7681 Micro Focus Solutions Business Manager 跨站脚本漏洞 — Solutions Business Manager 11.4 4.8 -2018-06-21

This page lists every published CVE security advisory associated with Micro Focus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.