Lucene search

MicrofocusCVELIST:CVE-2018-6493

HistoryMay 09, 2018 - 12:00 a.m.

CVE-2018-6493 MFSBGN03806 rev.1 - HP Network Automation Software, Network Operations Management (NOM) Suite, Multiple Vulnerabilities

2018-05-0900:00:00

microfocus

www.cve.org

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.

CNA Affected

[
  {
    "product": "Network Operations Management Ultimate",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "2017.07, 2017.11, 2018.02"
      }
    ]
  },
  {
    "product": "Network Automation",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50"
      }
    ]
  }
]

References

www.securityfocus.com/bid/104131

www.securitytracker.com/id/1040900

softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014

8.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

Related for CVELIST:CVE-2018-6493