CVE-2020-11854 vulnerability in Micro Focus Products
Published on October 27, 2020
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.
Vulnerability Analysis
CVE-2020-11854 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
Products Associated with CVE-2020-11854
Want to know whenever a new CVE is published for Micro Focus products? stack.watch will email you.
Affected Versions
Micro Focus Application Performance Management:- Version 9.51 is affected.
- Version 9.50 is affected.
- Version 9.40 is affected.
- Version 2020.05 is affected.
- Version 2019.08 is affected.
- Version 2019.05 is affected.
- Version 2018.11 is affected.
- Version 2018.08 is affected.
- Version 2018.05 is affected.
- Version 2018.02 is affected.
- Version 2017.11 is affected.
- Version 2020.05 is affected.
- Version 2019.11 is affected.
- Version 2019.05 is affected.
- Version 2018.11 is affected.
- Version 2018.05 is affected.
- Version 10.63 is affected.
- Version 10.62 is affected.
- Version 10.61 is affected.
- Version 10.60 is affected.
- Version 10.12 is affected.
- Version 10.11 is affected.
- Version unspecified, <= 10.10 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.