PT-2019-12466 · Micro Focus · Micro Focus Service Manager

Published

2019-09-18

Updated

2021-07-21

CVE-2019-11664

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Micro Focus Service Manager versions 9.30 through 9.62

Description The issue concerns the exposure of sensitive data due to clear text passwords being stored in the browser. This could potentially allow unauthorized access to sensitive information.

Recommendations For versions 9.30 through 9.62, update to a version that includes a fix for this issue to prevent sensitive data exposure.

Fix

Insufficiently Protected Credentials

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-311

Related Identifiers

CVE-2019-11664

Affected Products

Micro Focus Service Manager

PT-2019-12466 · Micro Focus · Micro Focus Service Manager

CVE-2019-11664

Weakness Enumeration

Related Identifiers

Affected Products

References · 3