CVE-2020-11858

EPSS 1.75%
Veröffentlicht 27.10.2020 17:15:12
Zuletzt bearbeitet 21.11.2024 04:58:46
Quelle security@opentext.com
CVE-Watchlists
Login
Unerledigt
Login

Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 7

NVD 20 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microfocus ≫ Operations Bridge Version2017.11

Microfocus ≫ Operations Bridge Version2018.02

Microfocus ≫ Operations Bridge Version2018.05

Microfocus ≫ Operations Bridge Version2018.08

Microfocus ≫ Operations Bridge Version2018.11

Microfocus ≫ Operations Bridge Version2019.05

Microfocus ≫ Operations Bridge Version2019.08

Microfocus ≫ Operations Bridge Version2020.05

Microfocus ≫ Operations Bridge Manager Version <= 10.10

Microfocus ≫ Operations Bridge Manager Version10.11

Microfocus ≫ Operations Bridge Manager Version10.12

Microfocus ≫ Operations Bridge Manager Version10.60

Microfocus ≫ Operations Bridge Manager Version10.61

Microfocus ≫ Operations Bridge Manager Version10.62

Microfocus ≫ Operations Bridge Manager Version10.63

Microfocus ≫ Operations Bridge Manager Version2018.05

Microfocus ≫ Operations Bridge Manager Version2018.11

Microfocus ≫ Operations Bridge Manager Version2019.05

Microfocus ≫ Operations Bridge Manager Version2019.11

Microfocus ≫ Operations Bridge Manager Version2020.05

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.75%	0.821

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
security@opentext.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://softwaresupport.softwaregrp.com/doc/KM03747658

https://softwaresupport.softwaregrp.com/doc/KM03747854

http://packetstormsecurity.com/files/161411/Micro-Focus-Operations-Bridge-Manager-Local-Privilege-Escalation.html

https://www.zerodayinitiative.com/advisories/ZDI-20-1326/

https://nvd.nist.gov/vuln/detail/CVE-2020-11858

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11858

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11858

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2020-11858