📦

operations_agent

Vendor: microfocus

Actively Exploited 0 CISA KEV List

PoC / Exploits 4 Code Available

Total RCEs 4 Remote Access

Total CVEs 8 Total Indexed

Avg. EPSS 10.97% Exploit Prob.

Latest CVE CVE-2026-2123 Mar 31

Security Vulnerability Index

Page 1 / 1

8.6 CVSS

CVE-2026-2123

A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerability

EPSS: 0.02%

Severity: HIGH

Mar 31, 2026

1.8 CVSS

CVE-2024-5532

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system. This issue affects Operations Agent: 12.20, 12.21, 12.22, 12.23, 12.24, 12.25, 12.26.

EPSS: 0.24%

Severity: LOW

Oct 28, 2024

8.8 CVSS

CVE-2024-0622

Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation.

EPSS: 0.04%

Severity: HIGH

Feb 15, 2024

3.3 CVSS

CVE-2021-38129

Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Operations Agent.

EPSS: 0.05%

Severity: LOW

Jan 25, 2022

9.8 CVSS

CVE-2021-22505

Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.

EPSS: 0.88%

Severity: CRITICAL

Apr 13, 2021

7.8 CVSS

CVE-2020-11861

Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system.

EPSS: 0.05%

Severity: HIGH

Sep 18, 2020

6.5 CVSS

CVE-2019-17085

XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent.

EPSS: 0.21%

Severity: MEDIUM

Nov 18, 2019

7.5 CVSS

CVE-2017-3733

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.

EPSS: 3.10%

Severity: HIGH

May 04, 2017

4.3 CVSS

CVE-2014-2647

Exploit Found

Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

EPSS: 1.76%

Severity: MEDIUM

Oct 19, 2014

4.4 CVSS

CVE-2014-2630

Exploit Found

Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.

EPSS: 12.24%

Severity: MEDIUM

Aug 12, 2014

Displaying 10 of 8 Total Entries

Total 1 Sections