Lucene search
K

168 matches found

Packet Storm
Packet Storm
added 2021/02/15 12:0 a.m.403 views

Micro Focus Operations Bridge Manager Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Manager Local Privilege Escalation', 'Description' = %q This module exploits an incorrectly permissioned folder in...

4.6CVSS0.6AI score0.02687EPSS
Exploits3
0day.today
0day.today
added 2021/02/15 12:0 a.m.73 views

Micro Focus Operations Bridge Manager Local Privilege Escalation Exploit

This Metasploit module exploits an insecure permission vulnerability on a folder in Micro Focus Operations Bridge Manager. An unprivileged user such as Guest can drop a JSP file in an exploded WAR directory and then access it without authentication by making a request to the OBM server. This will...

7.8CVSS8AI score0.02687EPSS
Exploits3
OSV
OSV
added 2021/02/12 8:15 p.m.3 views

CVE-2021-22504

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server...

9.8CVSS7.9AI score0.03336EPSS
Exploits0References1
NVD
NVD
added 2021/02/12 8:15 p.m.23 views

CVE-2021-22504

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server...

10CVSS0.03336EPSS
Exploits0References1
Prion
Prion
added 2021/02/12 8:15 p.m.20 views

Remote code execution

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server...

10CVSS9.7AI score0.03336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/12 7:42 p.m.28 views

CVE-2021-22504

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server...

9.9AI score0.03336EPSS
Exploits0References1
CVE
CVE
added 2021/02/12 7:42 p.m.70 views

CVE-2021-22504

CVE-2021-22504 affects Micro Focus Operations Bridge Manager (OBM) software, covering versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, and 2020.10. The Red Hat/NVD records describe arbitrary remote code execution as the impact, with no explicit root-cause details provided in th...

10CVSS9.7AI score0.03336EPSS
Exploits0References1Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2021/02/12 7:26 p.m.178 views

Metasploit Wrap-Up

MicroFocus? More like MacroVuln MicroFocus’s Operations Bridge Manager is a security information and event management SIEM tool designed to collect and parse security logs from multiple disparate sources. OBM has a large attack surface—something Pedro Ribeiro was able to take advantage of with hi...

9CVSS8.8AI score0.99295EPSS
Exploits94
CNNVD
CNNVD
added 2021/02/12 12:0 a.m.7 views

Micro Focus Operations Bridge Manager Security Vulnerability

Micro Focus Operations Bridge Manager is a software application from Micro Focus UK. It provides a monitoring function. A security vulnerability exists in the Micro Focus Operations Bridge Manager product that allows arbitrary code execution and affects the following products and versions: 10.1x,...

10CVSS7.8AI score0.03336EPSS
Exploits0References2
0day.today
0day.today
added 2021/02/11 12:0 a.m.89 views

Micro Focus Operations Bridge Manager Remote Code Execution Exploit

This Metasploit module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However, this...

8.8CVSS8.9AI score0.7699EPSS
Exploits6
Metasploit
Metasploit
added 2021/02/10 5:41 p.m.86 views

Micro Focus Operations Bridge Manager Authenticated Remote Code Execution

This module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However this module was on...

8.8CVSS9.2AI score0.7699EPSS
Exploits6
Zero Day Initiative
Zero Day Initiative
added 2021/02/09 12:0 a.m.53 views

Micro Focus Operations Bridge Reporter userName Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the userName parameter provided to the...

9.8CVSS2.7AI score0.9674EPSS
Exploits4References1
CNVD
CNVD
added 2021/02/09 12:0 a.m.10 views

Micro Focus Operations Bridge Reporter Remote Code Execution Vulnerability

Micro Focus Operations Bridge Reporter OBR is an IT reporting software that provides resource, event, and response time reports across server, network, and application environments. A remote code execution vulnerability exists in Micro Focus Operations Bridge Reporter version 10.40. An attacker...

10CVSS7.8AI score0.9674EPSS
Exploits4References1
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.6 views

Micro Focus Operation Bridge 操作系统命令注入漏洞

Micro Focus Operations Bridge Reporter OBR is an IT reporting software that provides resource, event, and response time reports across server, network, and application environments. A remote code execution vulnerability exists in Micro Focus Operations Bridge Reporter version 10.40. An attacker...

10CVSS8.2AI score0.9674EPSS
Exploits4References7
0day.today
0day.today
added 2021/01/28 12:0 a.m.96 views

Micro Focus UCMDB Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to...

9.8CVSS9AI score0.7699EPSS
Exploits6
Metasploit
Metasploit
added 2021/01/27 5:42 p.m.55 views

Micro Focus UCMDB Java Deserialization Unauthenticated Remote Code Execution

This module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to exploit...

10CVSS9.6AI score0.7699EPSS
Exploits6
Zero Day Initiative
Zero Day Initiative
added 2020/10/28 12:0 a.m.39 views

Micro Focus Operations Bridge Manager PermissionsService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
added 2020/10/28 12:0 a.m.27 views

Micro Focus Operations Bridge Manager WatchServerAPI Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
added 2020/10/28 12:0 a.m.23 views

Micro Focus Operations Bridge Manager CorrelationRunnerFacade Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.8AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
added 2020/10/28 12:0 a.m.28 views

Micro Focus Operations Bridge Manager ClassModelService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Rows per page
Query Builder