PT-2018-14535 · Micro Focus · Ucmdb Configuration Management Service

Published

2018-12-31

Updated

2019-10-09

CVE-2018-18593

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions UCMDB Configuration Management Service versions 10.22 through 10.22 CUP7 UCMDB Configuration Management Service versions 10.33 through 10.33 CUP3 UCMDB Configuration Management Service versions 2018.02 through 2018.11

Description The issue allows for Remote Directory Traversal and Remote Disclosure of Privileged Information.

Recommendations For versions 10.22 through 10.22 CUP7, update to a version outside of this range to resolve the issue. For versions 10.33 through 10.33 CUP3, update to a version outside of this range to resolve the issue. For versions 2018.02 through 2018.11, update to a version outside of this range to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2018-18593

Affected Products

Ucmdb Configuration Management Service

PT-2018-14535 · Micro Focus · Ucmdb Configuration Management Service

CVE-2018-18593

Weakness Enumeration

Related Identifiers

Affected Products

References · 4