CVE-2020-11854
Published: Oct 27, 2020
Modified: Aug 4, 2024
CVSS v3.1
9.8
Description
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.
| Vendor | Product | Versions |
|---|---|---|
Micro Focus | Application Performance Management | affected 9.51affected 9.50affected 9.40 |
Micro Focus | Operation Bridge (containerized) | affected 2020.05affected 2019.08affected 2019.05affected 2018.11affected 2018.08+3 more versions |
Micro Focus | Operation Bridge Manager | affected 2020.05affected 2019.11affected 2019.05affected 2018.11affected 2018.05+7 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now