Cross-Site Scripting Vulnerability in Micro Focus Access Manager
CVE-2020-25840

6.1MEDIUM

Key Information:

Vendor: Microfocus
Status: Access Manager.
Vendor: CVE Published:; 26 March 2021

What is CVE-2020-25840?

A vulnerability in Micro Focus Access Manager allows for Cross-Site Scripting, impacting all versions prior to 5.0. Exploitation of this flaw could potentially lead to configuration destruction, highlighting the importance of upgrading to the latest version to mitigate associated risks.

Affected Version(s)

Access Manager. All version prior version 5.0.

References

https://www.microfocus.com/documentation/access-manager/5...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2021
Vulnerability Reserved
Sep 23, 2020

Microfocus

What is CVE-2020-25840?

Affected Version(s)

References

CVSS V3.1

Timeline