PT-2018-17589 · Micro Focus · Service Management Automation+4
Publicado
2018-08-30
·
Atualizado
2019-10-09
·
CVE-2018-6498
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Hybrid Cloud Management Containerized Suite versions HCM2017.11 through HCM2018.05
Operations Bridge Containerized Suite versions 2017.11 through 2018.05
Data Center Automation Containerized Suite versions 2017.01 through 2018.05
Service Management Automation Suite versions 2017.11 through 2018.05
Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05
Description
The issue allows for Remote Code Execution in several products.
Recommendations
For Hybrid Cloud Management Containerized Suite versions HCM2017.11 through HCM2018.05, update to a version that contains a fix for this issue.
For Operations Bridge Containerized Suite versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
For Data Center Automation Containerized Suite versions 2017.01 through 2018.05, update to a version that contains a fix for this issue.
For Service Management Automation Suite versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
For Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
Correção
RCE
Code Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Data Center Automation Containerized Suite
Hybrid Cloud Management Containerized Suite
Network Operations Management (Nom) Suite Cdf
Operations Bridge Containerized Suite
Service Management Automation