CVE-2018-6499

Name of the Vulnerable Software and Affected Versions Hybrid Cloud Management versions HCM2017.11 through HCM2018.05 Operations Bridge Containerized Suite versions 2017.11 through 2018.05 Data Center Automation Containerized Suite versions 2017.01 through 2018.05 Service Management Automation Suite versions 2017.11 through 2018.05 Service Virtualization (SV) with floating licenses using APLS versions older than 10.7 Unified Functional Testing (UFT) with floating licenses using APLS versions older than 10.7 Network Virtualization (NV) with floating licenses using APLS versions older than 10.7 Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05

Description The issue allows for Remote Code Execution in several products.

Recommendations For Hybrid Cloud Management versions HCM2017.11 through HCM2018.05, update to a version that uses APLS 10.7 or later. For Operations Bridge Containerized Suite versions 2017.11 through 2018.05, update to a version that uses APLS 10.7 or later. For Data Center Automation Containerized Suite versions 2017.01 through 2018.05, update to a version that uses APLS 10.7 or later. For Service Management Automation Suite versions 2017.11 through 2018.05, update to a version that uses APLS 10.7 or later. For Service Virtualization (SV) with floating licenses, update APLS to version 10.7 or later. For Unified Functional Testing (UFT) with floating licenses, update APLS to version 10.7 or later. For Network Virtualization (NV) with floating licenses, update APLS to version 10.7 or later. For Network Operations Management (NOM) Suite CDF versions 2017.11 through 2018.05, update to a version that uses APLS 10.7 or later.