- How many CVEs does Micro Focus have?
- Micro Focus has 304 published CVE records since 2001, including 3 in the last two years.
- How many Micro Focus CVEs are in CISA KEV?
- Yes — 2 of Micro Focus's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Micro Focus products have the most CVEs?
- The Micro Focus products with the most published CVEs are imanager, Access Manager, Solutions Business Manager, edirectory, Service Manager.
- What are the most common weakness types in Micro Focus CVEs?
- Micro Focus's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-611 (Improper Restriction of XML External Entity Reference), CWE-20 (Improper Input Validation), CWE-352 (Cross-Site Request Forgery (CSRF)).
- Are there public exploits for Micro Focus vulnerabilities?
- Yes — 35 of Micro Focus's CVEs have a known public exploit.
- How many critical Micro Focus vulnerabilities are there?
- Micro Focus has 71 critical and 106 high-severity CVEs.
- What is the average severity of Micro Focus CVEs?
- The average CVSS base score across Micro Focus's scored CVEs is 7.4.