Lucene search
K
MicrofocusOperation Bridge Reporter

4 matches found

CVE
CVE
added 2021/02/08 9:12 p.m.1143 views

CVE-2021-22502

Micro Focus Operations Bridge Reporter 10.40 is vulnerable to unauthenticated remote code execution via a login command injection vulnerability. The Nuclei template and Metasploit module describe an unauthenticated path to run arbitrary commands on the OBR server, potentially enabling full system...

10CVSS9.6AI score0.9674EPSS
In wildWeb
CVE
CVE
added 2020/09/22 2:0 p.m.84 views

CVE-2020-11857

CVE-2020-11857 affects Micro Focus Operations Bridge Reporter up to v10.40, with an authorization bypass (and, per ZDI, a hard-coded shrboadmin password) enabling remote access to the OBR host and, in the cited advisory, remote code execution. Affected versions are 10.40 and earlier; no explicit ...

9.8CVSS9.3AI score0.15776EPSS
CVE
CVE
added 2020/09/22 1:54 p.m.45 views

CVE-2020-11855

CVE-2020-11855 is a local authorization-bypass vulnerability in Micro Focus Operations Bridge Reporter (OBR) and affected OBM/OBR components up to version 10.40 and earlier. The root cause is incorrect permissions/authorization handling, enabling a local attacker on the OBR host to execute code w...

7.8CVSS7.7AI score0.01348EPSS
CVE
CVE
added 2020/09/22 2:3 p.m.45 views

CVE-2020-11856

The CVE covers Micro Focus Operations Bridge Reporter (OBR) vulnerable through its JMX remote interface. Connected sources confirm: affected product is OBR, version 10.40 and earlier, with a root cause described as misconfigured or unauthenticated JMX access that allows remote code execution. The...

10CVSS9.8AI score0.05235EPSS