Micro Focus UCMDB Remote Code Execution (CVE-2020-11854; CVE-2020-11853)

A remote code execution vulnerability exists in Micro Focus UCMDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Metasploit Wrap-Up

MobileIron MDM Hessian-Based Java Deserialization RCE Our very own wvu-r7 has added exploits/linux/http/mobileironmdmhessianrce, which exploits an ACL bypass in MobileIron MDM products to execute a Java deserialization attack using a Groovy gadget against a Hessian based endpoint. CVE-2020-15505...

Micro Focus UCMDB Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to...

CVE-2020-11853

creationtimestamp| type| source ---|---|--- 2021-01-27 15:07:52+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/microfocusucmdbunauthdeser.rb 2021-02-09 17:33:51+00:00| seen|...

CVE-2020-11853

Micro Focus Operations Bridge Manager and related components (including UCMDB, Data Center Automation, Application Performance Management, Universal CMDB, Hybrid Cloud Management, Service Management Automation) are affected by CVE-2020-11853. The connected sources describe a remote code execution...