211 matches found
What I expect from IT Asset Inventory
The main problem of vulnerability management, in my opinion, is that it is not always clear whether we know about ALL network hosts existing in our infrastructure or not. So, not the actual process of scanning and the detection of vulnerabilities, but the lack of knowledge what we should scan...
CVE-2018-6497 MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF
Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...
CVE-2018-6495
Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...
CVE-2018-6495
Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...
Cross site scripting
Cross-Site Scripting XSS in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to...
CVE-2018-6495
The CVE-2018-6495 entry describes a Cross-Site Scripting (XSS) vulnerability in Micro Focus Universal CMDB (versions 10.20–10.33, 11.0), CMS (4.10–4.15.1), and UCMDB Browser (4.10–4.15.1). The flaw is exploitable remotely to inject script or HTML. Connected documents corroborate product scope and...
Privilege escalation
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...
CVE-2018-6491
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...
CVE-2018-6491
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...
Micro Focus Universal CMDB Elevation of Privilege Vulnerability
Universal CMDB UCMDB is a CMDB and discovery software product from Micro Focus. An elevation of privilege vulnerability exists in Micro Focus Universal CMDB. An attacker could exploit this vulnerability to achieve elevation of privilege...
CVE-2018-6491
CVE-2018-6491 affects Micro Focus Universal CMDB (UCMDB) versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. Description: Local Escalation of Privilege vulnerability that could be remotely exploited to achieve Local Escalation of Privilege. Connected sources (e.g., ZDI-18-299) descri...
CVE-2018-6491 MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege...
Hewlett Packard Enterprise Universal CMDB Product Installation File Access Control Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privilege on vulnerable installations of Hewlett Packard Enterprise Universal CMDB. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
Micro Focus Universal CMDB Arbitrary Code Execution Vulnerability
Micro Focus Universal CMDB is a resource management solution from Micro Focus in the United Kingdom. The solution provides bottom-up capabilities including IT infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis, etc. Configuration Manager is one of...
Design/Logic Flaw
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...
CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...
CVE-2018-6488
The CVE-2018-6488 entry concerns Micro Focus Universal CMDB (versions 4.10, 4.11, 4.12). The connected sources indicate an Arbitrary Code Execution vulnerability that could be exploited remotely, allowing an attacker to execute code on the affected system. The documents consistently describe the ...
CVE-2018-6488 MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...
Design/Logic Flaw
Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information...
CVE-2018-6487
Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information...