CVE-2020-11844

🗓️ 29 May 2020 21:15:23Reported by microfocusType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 76 Views

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects various products including Hybrid Cloud Management, ArcSight Investigate, ArcSight Transformation Hub, and more

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2020-11844	30 May 202002:55	–	circl
Cvelist	CVE-2020-11844 Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.	29 May 202021:15	–	cvelist
EUVD	EUVD-2020-4184	7 Oct 202500:30	–	euvd
NVD	CVE-2020-11844	29 May 202022:15	–	nvd
OSV	CVE-2020-11844	29 May 202022:15	–	osv
Prion	Authorization	29 May 202022:15	–	prion
RedhatCVE	CVE-2020-11844	5 Feb 202514:12	–	redhatcve

NVD

Node

microfocus service_management_automationMatch2018.05

microfocus service_management_automationMatch2018.08

microfocus service_management_automationMatch2018.11

microfocus service_management_automationMatch2019.02

microfocus service_management_automationMatch2019.05

microfocus service_management_automationMatch2019.08

microfocus service_management_automationMatch2019.11

microfocus service_management_automationMatch2020.02

[
  {
    "product": "Hybrid Cloud Management",
    "vendor": "Micro Focus",
    "versions": [
      {
        "lessThan": "2019.11",
        "status": "affected",
        "version": "2018.05",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "ArcSight Investigate. versions",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2.4.0"
      },
      {
        "status": "affected",
        "version": "3.0.0"
      },
      {
        "status": "affected",
        "version": "3.1.0"
      }
    ]
  },
  {
    "product": "ArcSight Transformation Hub",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.0"
      },
      {
        "status": "affected",
        "version": "3.1.0"
      },
      {
        "status": "affected",
        "version": "3.2.0"
      }
    ]
  },
  {
    "product": "ArcSight Interset",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.0"
      }
    ]
  },
  {
    "product": "ArcSight ESM (when ArcSight Fusion",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "7.2.1"
      }
    ]
  },
  {
    "product": "Service Management Automation (SMA)",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2018.05"
      },
      {
        "status": "affected",
        "version": "2018.08"
      },
      {
        "status": "affected",
        "version": "2018.11"
      },
      {
        "status": "affected",
        "version": "2019.02"
      },
      {
        "status": "affected",
        "version": "2019.05"
      },
      {
        "status": "affected",
        "version": "2019.08"
      },
      {
        "status": "affected",
        "version": "2019.11"
      },
      {
        "status": "affected",
        "version": "2020.02"
      }
    ]
  },
  {
    "product": "Operation Bridge Suite (Containerized)",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2018.05"
      },
      {
        "status": "affected",
        "version": "2018.08"
      },
      {
        "status": "affected",
        "version": "2018.11"
      },
      {
        "status": "affected",
        "version": "2019.02"
      },
      {
        "status": "affected",
        "version": "2019.05"
      },
      {
        "status": "affected",
        "version": "2019.8"
      },
      {
        "status": "affected",
        "version": "2019.11"
      }
    ]
  },
  {
    "product": "Network Operation Management",
    "vendor": "Micro Focus",
    "versions": [
      {
        "lessThanOrEqual": "2019.11",
        "status": "affected",
        "version": "2017.11",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Data Center Automation Containerized",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2018.05"
      },
      {
        "status": "affected",
        "version": "2018.08"
      },
      {
        "status": "affected",
        "version": "2018.11"
      },
      {
        "status": "affected",
        "version": "2019.02"
      },
      {
        "status": "affected",
        "version": "2019.05"
      },
      {
        "status": "affected",
        "version": "2019.08"
      },
      {
        "status": "affected",
        "version": "2019.11"
      }
    ]
  },
  {
    "product": "Identity Intelligence. versions",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "1.1.0"
      },
      {
        "lessThan": "unspecified",
        "status": "unaffected",
        "version": "next of 1.1.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645631
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645642
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645628
support	www.support.microfocus.com/kb/doc.php
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645629
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645636
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03645630

21 Nov 2024 04:58Current

9.4High risk

Vulners AI Score9.4

CVSS 27.5

CVSS 3.19.8 - 10

EPSS0.01028

CWE-863