PT-2020-12897 · Micro Focus · Operation Bridge Reporter

Pedrib1337

Published

2020-09-22

Updated

2021-07-21

CVE-2020-11855

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Micro Focus Operation Bridge Reporter versions 10.40 and earlier

Description The issue is related to an Authorization Bypass, which could allow local attackers on the host to execute code with escalated privileges. This is due to an incorrect permission assignment.

Recommendations For versions 10.40 and earlier, update to a version later than 10.40 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2020-11855

ZDI-20-1217

Affected Products

Operation Bridge Reporter

PT-2020-12897 · Micro Focus · Operation Bridge Reporter

CVE-2020-11855

Weakness Enumeration

Related Identifiers

Affected Products

References · 5