CVE-2020-11844

Name of the Vulnerable Software and Affected Versions Hybrid Cloud Management versions 2018.05 through 2019.11 ArcSight Investigate versions 2.4.0 through 3.1.0 ArcSight Transformation Hub versions 3.0.0 through 3.2.0 ArcSight Interset version 6.0.0 ArcSight ESM version 7.2.1 Service Management Automation (SMA) versions 2018.05 through 2020.02 Operation Bridge Suite (Containerized) versions 2018.05 through 2020.02 Network Operation Management versions 2017.11 through 2019.11 Data Center Automation Containerized versions 2018.05 through 2019.11 Identity Intelligence versions 1.1.0 through 1.1.1

Description The issue is related to an Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation component. This vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.

Recommendations For Hybrid Cloud Management versions 2018.05 through 2019.11, update to a version outside of this range to resolve the issue. For ArcSight Investigate versions 2.4.0 through 3.1.0, update to a version outside of this range to resolve the issue. For ArcSight Transformation Hub versions 3.0.0 through 3.2.0, update to a version outside of this range to resolve the issue. For ArcSight Interset version 6.0.0, update to a version outside of this range to resolve the issue. For ArcSight ESM version 7.2.1, update to a version outside of this range to resolve the issue. For Service Management Automation (SMA) versions 2018.05 through 2020.02, update to a version outside of this range to resolve the issue. For Operation Bridge Suite (Containerized) versions 2018.05 through 2020.02, update to a version outside of this range to resolve the issue. For Network Operation Management versions 2017.11 through 2019.11, update to a version outside of this range to resolve the issue. For Data Center Automation Containerized versions 2018.05 through 2019.11, update to a version outside of this range to resolve the issue. For Identity Intelligence versions 1.1.0 through 1.1.1, update to a version outside of this range to resolve the issue.