CVE-2020-9523

Summary

Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running the Micro Focus Directory Server (MFDS) to an arbitrary site, compromising that account's security.

Affected Software

VendorProductVersion RangeStatus
n/aEnterprise developer and server.All version prior to version 4.0 Patch Update 16, and version 5.0 Patch Update 6.affected

Weaknesses

  • Insufficiently protected credentials

ADP Enrichment

CVE Program Container

Additional References

References