8 results (0.004 seconds)

CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-38754 – CVE-2022-38754 - Micro Focus Operations Bridge Manager and OpsBridge Containerized - Cross Site Scripting (XSS)

https://notcve.org/view.php?id=CVE-2022-38754

A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. • https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes https://portal.microfocus.com/s/article/KM000012517?language=en_US https://portal.microfocus.com/s/article/KM000012518?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2021-22504

https://notcve.org/view.php?id=CVE-2021-22504

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus Operations Bridge Manager, afectan a versiones 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. La vulnerabilidad podría permitir a atacantes remotos ejecutar código arbitrario en un servidor OBM • https://softwaresupport.softwaregrp.com/doc/KM03777855 •

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0

CVE-2020-11858 – Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.

https://notcve.org/view.php?id=CVE-2020-11858

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges. • http://packetstormsecurity.com/files/161411/Micro-Focus-Operations-Bridge-Manager-Local-Privilege-Escalation.html https://softwaresupport.softwaregrp.com/doc/KM03747658 https://softwaresupport.softwaregrp.com/doc/KM03747854 https://www.zerodayinitiative.com/advisories/ZDI-20-1326 •

CVSS: 10.0EPSS: 23%CPEs: 24EXPL: 0

CVE-2020-11854 – Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.

https://notcve.org/view.php?id=CVE-2020-11854

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. • http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html https://softwaresupport.softwaregrp.com/doc/KM03747657 https://softwaresupport.softwaregrp.com/doc/KM03747658 https://softwaresupport.softwaregrp.com/doc/KM03747854 https://www.zerodayinitiative.com/advisories/ZDI-20-1287 • CWE-798: Use of Hard-coded Credentials •

CVSS: 8.8EPSS: 80%CPEs: 36EXPL: 0

CVE-2020-11853 – Arbitrary code execution vulnerability on multiple Micro Focus products

https://notcve.org/view.php?id=CVE-2020-11853

Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) • http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html https://softwaresupport.softwaregrp.com/doc/KM03747657 https://softwaresupport.softwaregrp.com/doc/KM03747658 https://softwaresupport.softwaregrp.com/doc/KM03747854 https://softwaresupport.softwaregrp.com/doc/KM03747948 https://softwaresupport.softwaregrp.com/doc/KM03747949 https://softwaresupport.softwaregrp.com/doc/KM03747950 https://soft •