Lucene search
K

211 matches found

Information Security Automation
Information Security Automation
added 2018/08/05 12:53 a.m.52 views

What I expect from IT Asset Inventory

The main problem of vulnerability management, in my opinion, is that it is not always clear whether we know about ALL network hosts existing in our infrastructure or not. So, not the actual process of scanning and the detection of vulnerabilities, but the lack of knowledge what we should scan...

7AI score
Exploits0
Cvelist
Cvelist
added 2018/06/15 9:0 p.m.17 views

CVE-2018-6497 MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

7.5CVSS9AI score0.00578EPSS
Exploits0References2
NVD
NVD
added 2018/05/23 6:29 p.m.12 views

CVE-2018-6495

Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...

6.3CVSS5.4AI score0.00653EPSS
Exploits0References2
OSV
OSV
added 2018/05/23 6:29 p.m.4 views

CVE-2018-6495

Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...

5.4CVSS5.8AI score0.00653EPSS
Exploits0References2
Prion
Prion
added 2018/05/23 6:29 p.m.13 views

Cross site scripting

Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...

3.5CVSS5.9AI score0.00653EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2018/05/23 6:0 p.m.43 views

CVE-2018-6495

The CVE-2018-6495 entry describes a Cross-Site Scripting (XSS) vulnerability in Micro Focus Universal CMDB (versions 10.20–10.33, 11.0), CMS (4.10–4.15.1), and UCMDB Browser (4.10–4.15.1). The flaw is exploitable remotely to inject script or HTML. Connected documents corroborate product scope and...

6.3CVSS5.4AI score0.00653EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/04/24 1:29 a.m.20 views

Privilege escalation

Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...

7.2CVSS9.3AI score0.01013EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/04/24 1:29 a.m.18 views

CVE-2018-6491

Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...

9.8CVSS8.5AI score0.01013EPSS
Exploits0References2
OSV
OSV
added 2018/04/24 1:29 a.m.3 views

CVE-2018-6491

Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...

9.8CVSS5.8AI score0.01013EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/24 12:0 a.m.3 views

Micro Focus Universal CMDB Elevation of Privilege Vulnerability

Universal CMDB UCMDB is a CMDB and discovery software product from Micro Focus. An elevation of privilege vulnerability exists in Micro Focus Universal CMDB. An attacker could exploit this vulnerability to achieve elevation of privilege...

9.8CVSS7.1AI score0.01013EPSS
Exploits0References1
CVE
CVE
added 2018/04/23 9:0 p.m.37 views

CVE-2018-6491

CVE-2018-6491 affects Micro Focus Universal CMDB (UCMDB) versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. Description: Local Escalation of Privilege vulnerability that could be remotely exploited to achieve Local Escalation of Privilege. Connected sources (e.g., ZDI-18-299) descri...

9.8CVSS8.9AI score0.01013EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/04/23 9:0 p.m.21 views

CVE-2018-6491 MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability

Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...

8.1CVSS9.4AI score0.01013EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2018/04/12 12:0 a.m.25 views

Hewlett Packard Enterprise Universal CMDB Product Installation File Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privilege on vulnerable installations of Hewlett Packard Enterprise Universal CMDB. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.2CVSS4.3AI score0.01013EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/26 12:0 a.m.4 views

Micro Focus Universal CMDB Arbitrary Code Execution Vulnerability

Micro Focus Universal CMDB is a resource management solution from Micro Focus in the United Kingdom. The solution provides bottom-up capabilities including IT infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis, etc. Configuration Manager is one of...

9.8CVSS8.2AI score0.01845EPSS
Exploits0References1
Prion
Prion
added 2018/02/22 10:29 p.m.13 views

Design/Logic Flaw

Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...

7.5CVSS9.4AI score0.01845EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/02/22 10:29 p.m.13 views

CVE-2018-6488

Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...

9.8CVSS8.6AI score0.01845EPSS
Exploits0References1
CVE
CVE
added 2018/02/22 10:0 p.m.47 views

CVE-2018-6488

The CVE-2018-6488 entry concerns Micro Focus Universal CMDB (versions 4.10, 4.11, 4.12). The connected sources indicate an Arbitrary Code Execution vulnerability that could be exploited remotely, allowing an attacker to execute code on the affected system. The documents consistently describe the ...

9.8CVSS9AI score0.01845EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/22 10:0 p.m.13 views

CVE-2018-6488 MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance

Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...

8.1CVSS9.5AI score0.01845EPSS
Exploits0References1
Prion
Prion
added 2018/02/20 9:29 p.m.13 views

Design/Logic Flaw

Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information...

5CVSS7.4AI score0.01903EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/02/20 9:29 p.m.13 views

CVE-2018-6487

Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information...

9.8CVSS9.3AI score0.01903EPSS
Exploits0References1
Rows per page
Query Builder