What is CVE-2022-38756?

CVE-2022-38756 is a vulnerability identified in Micro Focus GroupWise Web in versions prior to 18.4.2.

What is the severity of CVE-2022-38756?

The severity of CVE-2022-38756 is medium, with a CVSSv3 score of 4.3.

How does CVE-2022-38756 affect Micro Focus GroupWise?

CVE-2022-38756 affects Micro Focus GroupWise Web in versions prior to 18.4.2.

How can I fix CVE-2022-38756?

To fix CVE-2022-38756, upgrade Micro Focus GroupWise Web to version 18.4.2 or later.

Are there any references for CVE-2022-38756?

Yes, here are some references for CVE-2022-38756: [Link 1](http://packetstormsecurity.com/files/170768/Micro-Focus-GroupWise-Session-ID-Disclosure.html), [Link 2](http://seclists.org/fulldisclosure/2023/Jan/28), [Link 3](https://portal.microfocus.com/s/article/KM000012374?language=en_US).

Vulnerability/
CVE-2022-38756

medium

4.3

CWE

532

16/12/2022

3/8/2024

CVE-2022-38756: vulnerability in GW Web prior to 18.4.2

First published: Fri Dec 16 2022(Updated: )

A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.

Credit: security@microfocus.com

Affected Software	Affected Version	How to fix
Microfocus Groupwise	<18.4.2

Remedy

Micro Focus has made the following mitigation information available to resolve the vulnerability for the impacted versions of Micro Focus GroupWise: Please update to Micro Focus GroupWise 18.4.2 or newer

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-38756?
CVE-2022-38756 is a vulnerability identified in Micro Focus GroupWise Web in versions prior to 18.4.2.
What is the severity of CVE-2022-38756?
The severity of CVE-2022-38756 is medium, with a CVSSv3 score of 4.3.
How does CVE-2022-38756 affect Micro Focus GroupWise?
CVE-2022-38756 affects Micro Focus GroupWise Web in versions prior to 18.4.2.
How can I fix CVE-2022-38756?
To fix CVE-2022-38756, upgrade Micro Focus GroupWise Web to version 18.4.2 or later.
Are there any references for CVE-2022-38756?
Yes, here are some references for CVE-2022-38756: [Link 1](http://packetstormsecurity.com/files/170768/Micro-Focus-GroupWise-Session-ID-Disclosure.html), [Link 2](http://seclists.org/fulldisclosure/2023/Jan/28), [Link 3](https://portal.microfocus.com/s/article/KM000012374?language=en_US).

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/title
agent/remedy
agent/weakness
agent/severity
agent/author
agent/references
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/microfocus
canonical/microfocus groupwise

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.