PT-2019-12463 · Micro Focus · Micro Focus Service Manager

Published

2019-09-18

Updated

2020-08-24

CVE-2019-11661

CVSS v3.1

8.3

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions Micro Focus Service Manager versions 9.30 through 9.62

Description The issue allows non-SysAdmin users to make changes to certain tables, potentially leading to unauthorized access and modification of data.

Recommendations For versions 9.30 through 9.62, restrict access to sensitive tables to prevent unauthorized modifications until a fix is available. As a temporary workaround, consider disabling non-SysAdmin user access to the affected tables until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-11661

Affected Products

Micro Focus Service Manager

PT-2019-12463 · Micro Focus · Micro Focus Service Manager

CVE-2019-11661

Related Identifiers

Affected Products

References · 3