Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18942PUBLISHED: 2021-02-26Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
CVE-2019-18943PUBLISHED: 2021-02-26Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.
CVE-2019-18944PUBLISHED: 2021-02-26Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVE-2019-18945PUBLISHED: 2021-02-26Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVE-2019-18946PUBLISHED: 2021-02-26Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
User Rank: Ninja
4/24/2017 | 7:37:31 PM
Ultimately, today's CISO/CSO has to be able to have those "soft skills" of communication.
More to the point, the increasing trend of having CISOs report to boards is part of the acknowledgement that having the CISO report to the CIO represents a conflict of interest in the CIO's office.