CVE-2019-11663
MEDIUMMicro Focus Service Manager <9.62 - Info Disclosure
Title source: llmDescription
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/doc/KM03518316
Scores
CVSS v3
6.5
EPSS
0.0048
EPSS Percentile
37.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
CWE-311
Status
published
Products (1)
microfocus/service_manager
9.30 - 9.62
Published
Sep 18, 2019
Tracked Since
Feb 18, 2026