An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275).
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrofocus Enterprise Developer
APPMicrofocus2.3Microfocus Enterprise Server
APPMicrofocus2.3≤ 2.3Microfocus Enterprise Server Monitor And Control
APPMicrofocuswszystkie wersje
Related vulnerabilities
User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COB...
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ES...
Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, ...
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Serve...
A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration...