PT-2018-17589 · Micro Focus · Service Management Automation+4
Published
2018-08-30
·
Updated
2019-10-09
·
CVE-2018-6498
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Hybrid Cloud Management Containerized Suite versions HCM2017.11 through HCM2018.05
Operations Bridge Containerized Suite versions 2017.11 through 2018.05
Data Center Automation Containerized Suite versions 2017.01 through 2018.05
Service Management Automation Suite versions 2017.11 through 2018.05
Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05
Description
The issue allows for Remote Code Execution in several products.
Recommendations
For Hybrid Cloud Management Containerized Suite versions HCM2017.11 through HCM2018.05, update to a version that contains a fix for this issue.
For Operations Bridge Containerized Suite versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
For Data Center Automation Containerized Suite versions 2017.01 through 2018.05, update to a version that contains a fix for this issue.
For Service Management Automation Suite versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
For Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05, update to a version that contains a fix for this issue.
Fix
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Data Center Automation Containerized Suite
Hybrid Cloud Management Containerized Suite
Network Operations Management (Nom) Suite Cdf
Operations Bridge Containerized Suite
Service Management Automation