CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38754 – CVE-2022-38754 - Micro Focus Operations Bridge Manager and OpsBridge Containerized - Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-38754
08 Dec 2022 — A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malici... • https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 1%CPEs: 13EXPL: 0CVE-2021-22504
https://notcve.org/view.php?id=CVE-2021-22504
12 Feb 2021 — Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus Operations Bridge Manager, afectan a versiones 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. La vulnerabilidad podría permitir a atacantes... • https://softwaresupport.softwaregrp.com/doc/KM03777855 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2020-11858 – Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.
https://notcve.org/view.php?id=CVE-2020-11858
27 Oct 2020 — Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code w... • https://packetstorm.news/files/id/161411 •
CVSS: 10.0EPSS: 23%CPEs: 24EXPL: 1CVE-2020-11854 – Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.
https://notcve.org/view.php?id=CVE-2020-11854
27 Oct 2020 — Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.... • https://packetstorm.news/files/id/161182 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 83%CPEs: 36EXPL: 2CVE-2020-11853 – Arbitrary code execution vulnerability on multiple Micro Focus products
https://notcve.org/view.php?id=CVE-2020-11853
22 Oct 2020 — Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) • https://packetstorm.news/files/id/161182 •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-18590 – MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-18590
07 Nov 2018 — A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure. Existe una vulnerabilidad de ejecución remota de código y divulgación de información en Micro Focus Operations Bridge, en la suite "containerized", en versiones 2017.11, 2018.02, 2018.05 y 2018.08. Esta vulnerabilidad podría permitir la divulgación de información. A potent... • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03283416 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 4%CPEs: 22EXPL: 0CVE-2018-6498 – Micro Focus Container Deployment Foundation (CDF), Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-6498
30 Aug 2018 — Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. Ejecución remota de código en los siguientes productos: Hybrid Cloud Management C... • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 6%CPEs: 26EXPL: 0CVE-2018-6499 – Micro Focus Security Bulletin MFSBGN03814 1
https://notcve.org/view.php?id=CVE-2018-6499
30 Aug 2018 — Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older th... • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO • CWE-94: Improper Control of Generation of Code ('Code Injection') •