Microfocus Application Performance Management vulnerabilities
5 known vulnerabilities affecting microfocus/application_performance_management.
Total CVEs
5
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-22514CRITICALCVSS 9.8v9.40v9.50+1 more2021-04-28
CVE-2021-22514 [CRITICAL] CVE-2021-22514: An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management,
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.
nvd
CVE-2021-22500MEDIUMCVSS 6.5v9.40v9.50+2 more2021-02-06
CVE-2021-22500 [MEDIUM] CWE-352 CVE-2021-22500: Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product,
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing.
cvelistv5nvd
CVE-2021-22499MEDIUMCVSS 4.8v9.40v9.50+1 more2021-02-06
CVE-2021-22499 [MEDIUM] CWE-79 CVE-2021-22499: Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management prod
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack.
nvd
CVE-2020-11854CRITICALCVSS 9.8ExploitedPoCv9.50v9.51+1 more2020-10-27
CVE-2020-11854 [CRITICAL] CWE-798 CVE-2020-11854: Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Managemen
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager version
nvd
CVE-2020-11853HIGHCVSS 8.8PoCv9.40v9.50+1 more2020-10-22
CVE-2020-11853 [HIGH] CVE-2020-11853: Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge
Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected vers
nvd