PT-2020-12898 · Micro Focus · Micro Focus Operation Bridge Reporter

Pedrib1337

Published

2020-09-22

Updated

2021-07-21

CVE-2020-11856

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Micro Focus Operation Bridge Reporter versions 10.40 and earlier

Description The issue is related to arbitrary code execution, which could allow remote attackers to execute arbitrary code on affected installations. This is due to a missing authentication vulnerability in the JMX interface.

Recommendations For versions 10.40 and earlier, update to a version later than 10.40 to resolve the issue. At the moment, there is no information about other specific fixes for this vulnerability.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-11856

ZDI-20-1216

Affected Products

Micro Focus Operation Bridge Reporter

PT-2020-12898 · Micro Focus · Micro Focus Operation Bridge Reporter

CVE-2020-11856

Weakness Enumeration

Related Identifiers

Affected Products

References · 4