CVE-2020-11858 vulnerability in Micro Focus Products
Published on October 27, 2020
Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.
Vulnerability Analysis
CVE-2020-11858 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Products Associated with CVE-2020-11858
stack.watch emails you whenever new vulnerabilities are published in Micro Focus Operations Bridge or Micro Focus Operations Bridge Manager. Just hit a watch button to start following.
Affected Versions
Micro Focus Operation Bridge (containerized):- Version 2020.05 is affected.
- Version 2019.08 is affected.
- Version 2019.05 is affected.
- Version 2018.11 is affected.
- Version 2018.08 is affected.
- Version 2018.05 is affected.
- Version 2018.02 is affected.
- Version 2017.11 is affected.
- Version 2020.05 is affected.
- Version 2019.11 is affected.
- Version 2019.05 is affected.
- Version 2018.11 is affected.
- Version 2018.05 is affected.
- Version 10.63 is affected.
- Version 10.62 is affected.
- Version 10.61 is affected.
- Version 10.60 is affected.
- Version 10.12 is affected.
- Version 10.11 is affected.
- Version unspecified, <= 10.10 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.