4 results (0.007 seconds)

CVSS: 8.8EPSS: 83%CPEs: 36EXPL: 0

Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) • http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html https://softwaresupport.softwaregrp.com/doc/KM03747657 https://softwaresupport.softwaregrp.com/doc/KM03747658 https://softwaresupport.softwaregrp.com/doc/KM03747854 https://softwaresupport.softwaregrp.com/doc/KM03747948 https://softwaresupport.softwaregrp.com/doc/KM03747949 https://softwaresupport.softwaregrp.com/doc/KM03747950 https://soft •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors. El componente Universal Discovery en HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20 y 10.21 permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www.securitytracker.com/id/1036050 https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0

HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. HPE Universal CMDB 10.0 hasta la versión 10.21, Universal CMDB Configuration Manager 10.0 hasta la versión 10.21 y Universal Discovery 10.0 hasta la versión 10.21 permiten a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164408 • CWE-20: Improper Input Validation •

CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0

HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors. HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11 y 10.20 permite a atacantes remotos obtener información sensible o llevar a cabo ataques de redireccionamiento de URL a través de vectores no especificados. • http://www.securitytracker.com/id/1035505 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073504 •