Vulnerability CVE-2020-11855


Published: 2020-09-22

Description:
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges.

Type:

CWE-863

(Incorrect Authorization)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Microfocus -> Operation bridge reporter 

 References:
https://softwaresupport.softwaregrp.com/doc/KM03710590
https://www.zerodayinitiative.com/advisories/ZDI-20-1217/

Copyright 2024, cxsecurity.com

 

Back to Top