Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_test_server
(Microfocus)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-09-12 | CVE-2023-4501 | User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and 9.0 patch update 1, when LDAP-based authentication is used with certain configurations. When the vulnerability is active, authentication succeeds with any valid username, regardless of whether... | Cobol_server, Enterprise_developer, Enterprise_server, Enterprise_test_server, Visual_cobol | 9.8 | ||
| 2023-07-20 | CVE-2023-32265 | A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability. As described in the hardening guide in the product documentation, other mitigations including restricting network access to ESCWA and restricting users’ permissions in... | Cobol_server, Enterprise_developer, Enterprise_server, Enterprise_test_server, Visual_cobol | 6.5 |