Micro Focus Email

Send E-mail

Self-Solve Knowledge Search

We found 343 results
a potential security vulnerability has been identified with service manager. the vulnerability could be exploited to allow unauthenticated remote code execution against the service manager web tier.
security bulletins any; service manager 9.50 9.51 9.52 9.60 ;
security bulletins
public
published
Created: 2019-06-13
Modified: 2019-08-13
an access control bypass vulnerability has been identified in the web client component of content manager, affecting version 9.1 prior to 9.1.6.6, 9.2 prior to 9.2.3.2 and 9.3 prior to 9.3.2.3. the vulnerability could be exploited to manipulate data stored during another user's checkin request. existing mitigation information: to successfully exploit the vulnerability requires the attacker to have access to generally protected or inaccessible information, including having an active user account themselves, knowledge of internal identifiers of targeted user(s), and the name of files other users are actively operating against. in addition, the attacker has a limited time window to exploit the vulnerability during concurrent user activity, which can be further minimized by the system administrator via configuration
content manager 9.10 9.20 9.30 ; security bulletins any;
security bulletins
public
published
Created: 2019-08-06
Modified: 2019-08-13
a potential cross-site scripting vulnerability has been identified in micro focus fortify software security center server. the vulnerability could be exploited to execute javascript code in user's browser.
fortify software security center server 17.20 18.10 18.20 ; security bulletins any;
security bulletins
public
published
Created: 2019-06-17
Modified: 2019-06-20
a potential security vulnerability has been identified with service manager. the vulnerability could be exploited to allow remote attackers to read arbitrary files via a crafted openxml document containing an external entity declaration in conjunction with an entity reference against the service manager server and web tier.
security bulletins any; service manager 9.30 9.31 9.32 9.33 9.34 9.35 9.40 9.41 9.50 9.51 9.52 9.60 9.61 ;
security bulletins
public
published
Created: 2019-06-13
Modified: 2019-06-13
a potential security vulnerability has been identified with service manager. this vulnerability may result in unauthorized command execution and unauthorized disclosure of information.
security bulletins any; service manager 9.30 9.31 9.32 9.33 9.34 9.35 9.40 9.41 9.50 9.51 9.52 9.60 9.61 ;
security bulletins
public
published
Created: 2019-06-03
Modified: 2019-06-03
a vulnerability in docker-runc was addressed by micro focus service management automation (sma). the vulnerability could be exploited to local unauthorized disclosure of information, local unauthorized modification and local disruption of service.
security bulletins any; sm automation containerized 2018.02 2018.05 2018.08 2018.11 ;
security bulletins
public
published
Created: 2019-05-05
Modified: 2019-05-05
potential security vulnerabilities have been identified in hpe network automation. the vulnerabilities could be remotely exploited to allow sql injection, code execution, information disclosure, authentication bypass, elevated privilege execution, and invalid session management.
network automation ; security bulletins any;
security bulletins
public
published
Created: 2017-10-20
Modified: 2019-05-03
this document describes the impact of the runc - malicious container escape - cve-2019-5736 vulnerability in the context of micro focus container deployment foundation (cdf) based products, and a recommended mitigation to the cdf configuration.
sm automation containerized 2018.02 2018.05 2018.08 2018.11 ;
security bulletins
public
published
Created: 2019-03-27
Modified: 2019-04-29
a potential security vulnerability has been identified in micro focus network automation and micro focus network operations management (nom). the vulnerability could be remotely exploited to remote code execution.
network automation 10.00 10.10 10.20 10.30 10.40 10.50 2018.05 2018.08 2018.11 9.20 9.21 ; network operations management all ; security bulletins any;
security bulletins
public
published
Created: 2019-04-28
Modified: 2019-04-28
this document describes the impact of the runc - malicious container escape - cve-2019-5736 vulnerability in the context of micro focus container deployment foundation (cdf) based products, and a recommended mitigation to the cdf configuration.
hybrid cloud management containerized 2017.05 2017.08 2017.11 2018.02 2018.05 2018.08 2018.11 ;
security bulletins
public
candidate
Created: 2019-04-02
Modified: 2019-04-02

Document Type

   

Products

   
  • discovery and dependency mapping inventory (8)
  • sm automation containerized (7)
  • universal cmdb config mgr (7)
  • arcsight enterprise security manager (5)
  • operations orchestration (5)
  • project and portfolio management (5)
  • arcsight logger software (4)
  • kcs - knowledge centered support (4)
  • sso - software support online (4)
  • business process monitor (3)
  • hybrid cloud management containerized (3)
  • operations bridge containerized (3)
  • arcsight connector appliance (2)
  • arcsight connector hosting appliance (2)
  • arcsight logger appliance (2)
  • arcsight management center (2)
  • business process insight (2)
  • cloud service automation (2)
  • fortify software security center server (2)
  • network operations management ultimate (2)
  • operations manager for linux (2)
  • operations manager for unix (2)
  • operations manager for windows (2)
  • application performance management (bac) (1)
  • arcsight smart connectors (1)
  • continuous delivery automation (1)
  • data center automation suite-express (1)
  • fortify software security center (1)
  • hpe propel third party adapters (1)
  • network node manager i ultimate (1)
  • network operations management all (1)
  • network operations management express (1)
  • network operations management premium (1)
  • operations bridge analytics (1)
  • service health analyzer (1)
  • sm service request catalog (1)
  • unified functional testing (1)
  • universal discovery for oracle lms (1)

Version

   

Workflow Status

   

Security Level

   

Operating System

   

Language

   

Date Range

Start Date:

End Date: