CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-18593 – MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information Saltos de directorio remotos y la divulgación de información privilegiada remota en UCMDB Configuration Management Service en sus versiones 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08 y 2018.11. Las vulnerabilidades podrían permitir saltos de directorio y la divulgación de información privilegiada remota. • http://www.securityfocus.com/bid/106374 https://softwaresupport.softwaregrp.com/doc/KM03309650 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6491 – MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-6491
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege. Vulnerabilidad de escalado local de privilegios en Micro Focus Universal CMDB 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33 y 11.00. La vulnerabilidad se podría explotar de forma remota para permitir un escalado local de privilegios. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Hewlett Packard Enterprise Universal CMDB. • http://www.securitytracker.com/id/1040680 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03141180 •