Microfocus » Content Manager » 9.2 : Security Vulnerabilities, CVEs,

cpe:2.3:a:microfocus:content_manager:9.2:*:*:*:*:*:*:*

CVE-2019-11658

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state.
Max CVSS
4.3
EPSS Score
0.05%
Published
2019-08-30
Updated
2019-08-30

CVE-2019-3489

An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.
Max CVSS
7.5
EPSS Score
0.16%
Published
2019-04-01
Updated
2019-04-02
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close