CVE-2020-11854

Summary

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
Micro FocusApplication Performance Management9.51affected
Micro FocusApplication Performance Management9.50affected
Micro FocusApplication Performance Management9.40affected
Micro FocusOperation Bridge (containerized)2020.05affected
Micro FocusOperation Bridge (containerized)2019.08affected
Micro FocusOperation Bridge (containerized)2019.05affected
Micro FocusOperation Bridge (containerized)2018.11affected
Micro FocusOperation Bridge (containerized)2018.08affected
Micro FocusOperation Bridge (containerized)2018.05affected
Micro FocusOperation Bridge (containerized)2018.02affected
Micro FocusOperation Bridge (containerized)2017.11affected
Micro FocusOperation Bridge Manager2020.05affected
Micro FocusOperation Bridge Manager2019.11affected
Micro FocusOperation Bridge Manager2019.05affected
Micro FocusOperation Bridge Manager2018.11affected
Micro FocusOperation Bridge Manager2018.05affected
Micro FocusOperation Bridge Manager10.63affected
Micro FocusOperation Bridge Manager10.62affected
Micro FocusOperation Bridge Manager10.61affected
Micro FocusOperation Bridge Manager10.60affected
Micro FocusOperation Bridge Manager10.12affected
Micro FocusOperation Bridge Manager10.11affected
Micro FocusOperation Bridge Managerunspecified <= 10.10affected

Weaknesses

  • Arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References