Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-11854

Опубликовано: 27 окт. 2020
Источник: nvd
CVSS3: 9.8
CVSS2: 10
EPSS Критический

Описание

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microfocus:application_performance_management:9.50:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_performance_management:9.51:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2017.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2018.02:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2018.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2018.08:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2018.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2019.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2019.08:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge:2020.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:*:*:*:*:*:*:*:*
Версия до 10.10 (включая)
cpe:2.3:a:microfocus:operations_bridge_manager:10.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:10.12:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:10.60:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:10.61:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:10.62:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:10.63:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:2018.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:2018.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:2019.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:2019.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:operations_bridge_manager:2020.05:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:microfocus:application_performance_management:9.40:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.33:cumulative_update_package_3:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.92403
Критический

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-798

Связанные уязвимости

github логотип

GHSA-g58f-4539-9qhg

CVSS3: 9.8
github
больше 3 лет назад

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.

EPSS

Процентиль: 100%
0.92403
Критический

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-798