CVE-2020-11854

🗓️ 27 Oct 2020 16:29:44Reported by microfocusType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 110 Views🌐 WEB

Arbitrary code execution vulnerability in Micro Focus product

Reporter	Title	Published	Views	Family All 13
0day.today	Micro Focus UCMDB Remote Code Execution Exploit	28 Jan 202100:00	–	zdt
Circl	CVE-2020-11854	27 Oct 202019:31	–	circl
Check Point Advisories	Micro Focus UCMDB Remote Code Execution (CVE-2020-11854; CVE-2020-11853)	15 Feb 202100:00	–	checkpoint_advisories
Cvelist	CVE-2020-11854 Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) products.	27 Oct 202016:29	–	cvelist
Metasploit	Micro Focus UCMDB Java Deserialization Unauthenticated Remote Code Execution	27 Jan 202117:42	–	metasploit
Nuclei	Micro Focus UCMDB - Remote Code Execution	1 Jun 202605:38	–	nuclei
NVD	CVE-2020-11854	27 Oct 202017:15	–	nvd
Packet Storm	Micro Focus UCMDB Remote Code Execution	28 Jan 202100:00	–	packetstorm
Prion	Design/Logic Flaw	27 Oct 202017:15	–	prion
Rapid7 Blog	Metasploit Wrap-Up	29 Jan 202121:09	–	rapid7blog

NVD

Node

microfocus application_performance_managementMatch9.50

microfocus application_performance_managementMatch9.51

microfocus operations_bridgeMatch2017.11

microfocus operations_bridgeMatch2018.02

microfocus operations_bridgeMatch2018.05

microfocus operations_bridgeMatch2018.08

microfocus operations_bridgeMatch2018.11

microfocus operations_bridgeMatch2019.05

microfocus operations_bridgeMatch2019.08

microfocus operations_bridgeMatch2020.05

microfocus operations_bridge_managerRange≤10.10

microfocus operations_bridge_managerMatch10.11

microfocus operations_bridge_managerMatch10.12

microfocus operations_bridge_managerMatch10.60

microfocus operations_bridge_managerMatch10.61

microfocus operations_bridge_managerMatch10.62

microfocus operations_bridge_managerMatch10.63

microfocus operations_bridge_managerMatch2018.05

microfocus operations_bridge_managerMatch2018.11

microfocus operations_bridge_managerMatch2019.05

microfocus operations_bridge_managerMatch2019.11

microfocus operations_bridge_managerMatch2020.05

Node

microfocus application_performance_managementMatch9.40

microfocus universal_cmdbMatch10.33cumulative_update_package_3

[
  {
    "product": "Application Performance Management",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "9.51"
      },
      {
        "status": "affected",
        "version": "9.50"
      },
      {
        "status": "affected",
        "version": "9.40"
      }
    ]
  },
  {
    "product": "Operation Bridge (containerized)",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2020.05"
      },
      {
        "status": "affected",
        "version": "2019.08"
      },
      {
        "status": "affected",
        "version": "2019.05"
      },
      {
        "status": "affected",
        "version": "2018.11"
      },
      {
        "status": "affected",
        "version": "2018.08"
      },
      {
        "status": "affected",
        "version": "2018.05"
      },
      {
        "status": "affected",
        "version": "2018.02"
      },
      {
        "status": "affected",
        "version": "2017.11"
      }
    ]
  },
  {
    "product": "Operation Bridge Manager",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2020.05"
      },
      {
        "status": "affected",
        "version": "2019.11"
      },
      {
        "status": "affected",
        "version": "2019.05"
      },
      {
        "status": "affected",
        "version": "2018.11"
      },
      {
        "status": "affected",
        "version": "2018.05"
      },
      {
        "status": "affected",
        "version": "10.63"
      },
      {
        "status": "affected",
        "version": "10.62"
      },
      {
        "status": "affected",
        "version": "10.61"
      },
      {
        "status": "affected",
        "version": "10.60"
      },
      {
        "status": "affected",
        "version": "10.12"
      },
      {
        "status": "affected",
        "version": "10.11"
      },
      {
        "lessThanOrEqual": "10.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03747657
packetstormsecurity	www.packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03747854
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03747658
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-20-1287/

Parameter	Position	Path	Description	CWE
customerID	request body	ucmdb-ui/cms/loginRequest.do;	Login request used to authenticate with the diagnostics user (authentication step for exploit).	CWE-798
isEncoded	request body	ucmdb-ui/cms/loginRequest.do;	Login request used to authenticate with the diagnostics user (authentication step for exploit).	CWE-798
userName	request body	ucmdb-ui/cms/loginRequest.do;	Login request used to authenticate with the diagnostics user (authentication step for exploit).	CWE-798
password	request body	ucmdb-ui/cms/loginRequest.do;	Login request used to authenticate with the diagnostics user (authentication step for exploit).	CWE-798
ldapServerName	request body	ucmdb-ui/cms/loginRequest.do;	Login request used to authenticate with the diagnostics user (authentication step for exploit).	CWE-798

21 Nov 2024 04:58Current

9.7High risk

Vulners AI Score9.7

CVSS 3.19.8

CVSS 210

EPSS0.92403