CVE-2020-11858

Description

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Micro Focus / Operation Bridge (containerized)2020.05 – 2020.05
Micro Focus / Operation Bridge (containerized)2019.08 – 2019.08
Micro Focus / Operation Bridge (containerized)2019.05 – 2019.05
Micro Focus / Operation Bridge (containerized)2018.11 – 2018.11
Micro Focus / Operation Bridge (containerized)2018.08 – 2018.08
Micro Focus / Operation Bridge (containerized)2018.05 – 2018.05
Micro Focus / Operation Bridge (containerized)2018.02 – 2018.02
Micro Focus / Operation Bridge (containerized)2017.11 – 2017.11
Micro Focus / Operation Bridge Manager2020.05 – 2020.05
Micro Focus / Operation Bridge Manager2019.11 – 2019.11
Micro Focus / Operation Bridge Manager2019.05 – 2019.05
Micro Focus / Operation Bridge Manager2018.11 – 2018.11
Micro Focus / Operation Bridge Manager2018.05 – 2018.05
Micro Focus / Operation Bridge Manager10.63 – 10.63
Micro Focus / Operation Bridge Manager10.62 – 10.62
Micro Focus / Operation Bridge Manager10.61 – 10.61
Micro Focus / Operation Bridge Manager10.60 – 10.60
Micro Focus / Operation Bridge Manager10.12 – 10.12
Micro Focus / Operation Bridge Manager10.11 – 10.11
Micro Focus / Operation Bridge Managerunspecified – 10.10

Description

CVSS breakdown

Affected products

References