8.8
CVE-2020-11853
- EPSS 92.08%
- Published 22.10.2020 21:15:12
- Last modified 21.11.2024 04:58:45
- Source security@opentext.com
- Teams watchlist Login
- Open Login
Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code.
Data is provided by the National Vulnerability Database (NVD)
Microfocus ≫ Operation Bridge Manager Version <= 10.10
Microfocus ≫ Operation Bridge Manager Version10.11
Microfocus ≫ Operation Bridge Manager Version10.12
Microfocus ≫ Operation Bridge Manager Version10.60
Microfocus ≫ Operation Bridge Manager Version10.61
Microfocus ≫ Operation Bridge Manager Version10.62
Microfocus ≫ Operation Bridge Manager Version10.63
Microfocus ≫ Operations Bridge Manager Version2017.11
Microfocus ≫ Operations Bridge Manager Version2018.02
Microfocus ≫ Operations Bridge Manager Version2018.05
Microfocus ≫ Operations Bridge Manager Version2018.08
Microfocus ≫ Operations Bridge Manager Version2018.11
Microfocus ≫ Operations Bridge Manager Version2019.05
Microfocus ≫ Operations Bridge Manager Version2019.08
Microfocus ≫ Operations Bridge Manager Version2019.11
Microfocus ≫ Operations Bridge Manager Version2020.05
Hp ≫ Universal Cmbd Foundation Version10.20
Hp ≫ Universal Cmbd Foundation Version10.30
Hp ≫ Universal Cmbd Foundation Version10.31
Hp ≫ Universal Cmbd Foundation Version10.32
Hp ≫ Universal Cmbd Foundation Version10.33
Hp ≫ Universal Cmbd Foundation Version11.0
Hp ≫ Universal Cmbd Foundation Version2018.05
Hp ≫ Universal Cmbd Foundation Version2018.08
Hp ≫ Universal Cmbd Foundation Version2018.11
Hp ≫ Universal Cmbd Foundation Version2019.02
Hp ≫ Universal Cmbd Foundation Version2019.05
Hp ≫ Universal Cmbd Foundation Version2019.11
Hp ≫ Universal Cmbd Foundation Version2020.05.
Microfocus ≫ Application Performance Management Version9.40
Microfocus ≫ Application Performance Management Version9.50
Microfocus ≫ Application Performance Management Version9.51
Microfocus ≫ Data Center Automation Version <= 2019.11
Microfocus ≫ Hybrid Cloud Management Version >= 2018.05 <= 2020.05
Microfocus ≫ Service Manager Automation Version2020.02
Microfocus ≫ Service Manager Automation Version2020.05
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 92.08% | 0.997 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
| security@opentext.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|