CVE-2023-32265

Name of the Vulnerable Software and Affected Versions Enterprise Server Common Web Administration (ESCWA) (affected versions not specified)

Description A potential security issue has been identified in the ESCWA component used in several products, including Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. To exploit this issue, an attacker must be authenticated into ESCWA. The vulnerability could potentially expose a service account password, which usually has limited privileges. Mitigations such as restricting network access to ESCWA and limiting users' permissions in the Micro Focus Directory Server can reduce exposure to this issue.

Recommendations As a temporary workaround, consider restricting network access to ESCWA and limiting users' permissions in the Micro Focus Directory Server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.