VYPR

Solutions Business Manager

by Microfocus

CVEs (4)

  • CVE-2018-7679CriJun 21, 2018
    risk 0.64cvss 9.8epss 0.02

    Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

  • CVE-2018-7683HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.01

    Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.

  • CVE-2018-7682MedJun 22, 2018
    risk 0.42cvss 6.5epss 0.01

    Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.

  • CVE-2018-7681MedJun 21, 2018
    risk 0.31cvss 4.8epss 0.01

    Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system.