Design/Logic Flaw

2020-04-1715:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.9%

JSON

Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running the Micro Focus Directory Server (MFDS) to an arbitrary site, compromising that account’s security.

CPENameOperatorVersion
enterprise_developereq4.0
enterprise_developereq5.0
enterprise_developereq5.0 update-1
enterprise_developereq5.0 update-2
enterprise_developereq5.0 update-3
enterprise_developereq5.0 update-4
enterprise_developereq5.0 update-5
enterprise_developereq4.0 update-1
enterprise_developereq4.0 update-2
enterprise_developereq4.0 update-3

Name	Operator	Version
enterprise_developer	eq	4.0
enterprise_developer	eq	5.0
enterprise_developer	eq	5.0 update-1
enterprise_developer	eq	5.0 update-2
enterprise_developer	eq	5.0 update-3
enterprise_developer	eq	5.0 update-4
enterprise_developer	eq	5.0 update-5
enterprise_developer	eq	4.0 update-1
enterprise_developer	eq	4.0 update-2
enterprise_developer	eq	4.0 update-3

Rows per page:

1-10 of 461

References

softwaresupport.softwaregrp.com/doc/KM03634936