Lucene search

K
cve[email protected]CVE-2019-11668
HistorySep 10, 2019 - 9:15 p.m.

CVE-2019-11668

2019-09-1021:15:11
web.nvd.nist.gov
84
cve-2019-11668
http cookie
micro focus
service manager
chat server
vulnerability
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

53.7%

HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

Affected configurations

NVD
Node
microfocusservice_managerMatch9.30
OR
microfocusservice_managerMatch9.31
OR
microfocusservice_managerMatch9.32
OR
microfocusservice_managerMatch9.33
OR
microfocusservice_managerMatch9.34
OR
microfocusservice_managerMatch9.35
OR
microfocusservice_managerMatch9.40
OR
microfocusservice_managerMatch9.41
OR
microfocusservice_managerMatch9.50
OR
microfocusservice_managerMatch9.51
OR
microfocusservice_managerMatch9.52
OR
microfocusservice_managerMatch9.60
OR
microfocusservice_managerMatch9.61
OR
microfocusservice_managerMatch9.62
Node
microfocusservice_manager_chat_serverMatch9.41
OR
microfocusservice_manager_chat_serverMatch9.50
OR
microfocusservice_manager_chat_serverMatch9.51
OR
microfocusservice_manager_chat_serverMatch9.52
OR
microfocusservice_manager_chat_serverMatch9.60
OR
microfocusservice_manager_chat_serverMatch9.61
OR
microfocusservice_manager_chat_serverMatch9.62
Node
microfocusservice_manager_chat_serviceMatch9.41
OR
microfocusservice_manager_chat_serviceMatch9.50
OR
microfocusservice_manager_chat_serviceMatch9.51
OR
microfocusservice_manager_chat_serviceMatch9.52
OR
microfocusservice_manager_chat_serviceMatch9.60
OR
microfocusservice_manager_chat_serviceMatch9.61
OR
microfocusservice_manager_chat_serviceMatch9.62

CNA Affected

[
  {
    "product": "Service Manager,  Service Manager – Chat Service.  Server Manager – Chat Service.",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62."
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

53.7%

Related for CVE-2019-11668