VYPR
Vendor

Serena

Products
3
CVEs
7
Across products
7
Status
Private

Products

3

Recent CVEs

7
  • CVE-2018-19645CriFeb 12, 2019
    risk 0.64cvss 9.8epss 0.01

    An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

  • CVE-2019-18943MedFeb 26, 2021
    risk 0.40cvss 6.1epss 0.00

    Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.

  • CVE-2018-19641MedMar 27, 2019
    risk 0.40cvss 6.1epss 0.01

    Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

  • CVE-2018-7680MedJun 21, 2018
    risk 0.40cvss 6.1epss 0.01

    Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values.

  • CVE-2004-2563Dec 31, 2004
    risk 0.03cvss epss 0.02

    Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.

  • CVE-2014-0336Mar 6, 2014
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI.

  • CVE-2014-0335Mar 6, 2014
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2) DB_NAME, (3) DM_HOST, (4) MAN_DB_NAME, (5) framecmd, (6) identifier, (7)…