Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Micro Focus — Vulnerabilities & Security Advisories 127

Browse all 127 CVE security advisories affecting Micro Focus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Micro Focus, now part of OpenText, primarily delivers enterprise software for IT operations, application lifecycle management, and security automation. Its portfolio historically includes complex legacy systems, resulting in a significant accumulation of vulnerabilities, currently totaling 127 recorded CVEs. Common flaw categories include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and outdated cryptographic implementations within its legacy codebases. Notable security characteristics involve the complexity of integrating disparate tools, which frequently creates attack surface expansions during updates. While no single catastrophic breach defines the company’s public history, the sheer volume of disclosed vulnerabilities highlights challenges in maintaining secure code quality across its extensive, aging software suite. This trend underscores the risks associated with maintaining large, monolithic enterprise applications without rigorous, continuous security refactoring.

Top products by Micro Focus: Service Manager Solutions Business Manager NetIQ Access Manager Micro Focus Enterprise Developer, Micro Focus Enterprise Server ArcSight Management Center Solutions Business Manager 11.4 ArcSight Logger Solutions Business Manager (SBM) Dimensions CM HP ArcSight ESM Filr Micro Focus NetIQ Self Service Password Reset. Network Operations Management Ultimate NetIQ eDirectory 9.1 SP2 Content Manager Network Operations Management (NOM) Suite CDF Secure Messaging Gateway Micro Focus ArcSight Logger Micro Focus VisiBroker Project and Portfolio Management Center Fortify Software Security Center (SSC) Verastream Host Integrator Self Service Password Reset (SSPR) NetIQ Advanced Authentication Framework Micro Focus Fortify Software Security Center Server Application Performance Management Arcsight Security Management Center Micro Focus Operations Bridge Manager Micro Focus Filr Micro Focus GroupWise Web
CVE IDTitleCVSSSeverityPublished
CVE-2018-7683 Micro Focus Solutions Business Manager 安全漏洞 — Solutions Business Manager 11.4 6.5 -2018-06-21
CVE-2018-6496 MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF — UCMDB Browser 8.8 -2018-06-15
CVE-2018-6497 MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF — Universal CMDB Server 8.8 -2018-06-15
CVE-2018-6495 MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting — UCMDB 6.1 -2018-05-23
CVE-2018-6492 MFSBGN03806 rev.1 - HP Network Automation Software, Network Operations Management (NOM) Suite, Multiple Vulnerabilities — Network Operations Management Ultimate 6.1 -2018-05-22
CVE-2018-6493 MFSBGN03806 rev.1 - HP Network Automation Software, Network Operations Management (NOM) Suite, Multiple Vulnerabilities — Network Operations Management Ultimate 9.8 -2018-05-22
CVE-2018-6494 MFSBGN03807 rev.1 - HP Service Manager Software, Multiple Vulnerabilities — HP Service Manager Software 6.5 -2018-05-22
CVE-2018-7687 Client for OES Elevation of Privilege via Buffer Overflow — Client for Open Enterprise Server 7.8 -2018-05-21
CVE-2018-6491 MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability — Universal CMDB 8.8 -2018-04-23
CVE-2018-1343 Micro Focus Privileged Account Manager 安全漏洞 — NetIQ Privileged Account Manager (PAM) 3.1 and 3.2 9.1 -2018-03-06
CVE-2018-6490 MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS) — Operations Orchestration Software 7.5 -2018-03-02
CVE-2018-6488 MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance — Micro Focus Universal CMDB 9.8 -2018-02-22
CVE-2018-6487 MFSBGN03799 rev.1 - Micro Focus UCMDB, Remote Disclosure of Information — Universal CMDB Foundation Software 7.5 -2018-02-20
CVE-2018-6486 MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection — Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC) 9.8 -2018-02-02
CVE-2018-1342 NetIQ Access Manager Admin Console 安全漏洞 — NetIQ Access Manager, Administrative Console 7.2 -2018-01-26
CVE-2017-14803 NetIQ Access Manager Identity Server 安全漏洞 — NetIQ Access Manager 9.8 -2018-01-20
CVE-2017-14363 MFSBGN03795 rev.1 - Micro Focus Operations Manager i - Remote Cross-Site Scripting (XSS) — Operations Manager i 5.4 -2017-12-21
CVE-2017-14361 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities — Project and Portfolio Management Center 7.4 -2017-12-13
CVE-2017-14362 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities — Project and Portfolio Management Center 9.4 -2017-12-13
CVE-2017-14360 MFSBGN03791 rev.1 - HPE Content Manager Workgroup Service, Denial of Service (DoS) — HPE Content Manager Workgroup Service 7.5 -2017-11-08
CVE-2017-14359 MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS) — HPE Performance Center 6.1 -2017-11-03
CVE-2017-14356 HPE ArcSight ESM和HPE ArcSight ESM Express SQL注入漏洞 — HP ArcSight ESM 9.8 -2017-10-31
CVE-2017-14357 HPE ArcSight ESM和HPE ArcSight ESM Express 跨站脚本漏洞 — HP ArcSight ESM 6.1 -2017-10-31
CVE-2017-14358 HPE ArcSight ESM和HPE ArcSight ESM Express 安全漏洞 — HP ArcSight ESM 6.1 -2017-10-31
CVE-2017-8994 HPE Operations Orchestration 输入验证漏洞 — HPE Operations Orchestration 9.8 -2017-10-10
CVE-2017-14350 HPE Application Performance Management Platform 安全漏洞 — HPE Application Performance Management (APM) 9.8 -2017-09-29
CVE-2017-9282 Micro Focus VisiBroker 数字错误漏洞 — Micro Focus VisiBrokerCWE-190 9.8 -2017-09-21
CVE-2017-9283 Micro Focus VisiBroker 安全漏洞 — Micro Focus VisiBrokerCWE-125 9.8 -2017-09-21
CVE-2017-5187 Micro Focus Enterprise Developer和Enterprise Server Directory Server 跨站请求伪造漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-352 8.8 -2017-08-21
CVE-2017-7420 Micro Focus Enterprise Developer和Enterprise Server ESMAC 权限许可和访问控制漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-287 9.1 -2017-08-21

This page lists every published CVE security advisory associated with Micro Focus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.