CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6491 – MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-6491
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege. Vulnerabilidad de escalado local de privilegios en Micro Focus Universal CMDB 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33 y 11.00. La vulnerabilidad se podría explotar de forma remota para permitir un escalado local de privilegios. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Hewlett Packard Enterprise Universal CMDB. • http://www.securitytracker.com/id/1040680 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03141180 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6488 – MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance
https://notcve.org/view.php?id=CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution. Vulnerabilidad de ejecución de código arbitrario en Micro Focus Universal CMDB 4.10, 4.11 y 4.12. Esta vulnerabilidad podría explotarse de forma remota para permitir la ejecución de código arbitrario. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03086019 • CWE-94: Improper Control of Generation of Code ('Code Injection') •