4 matches found
CVE-2021-22502
Micro Focus Operations Bridge Reporter 10.40 is vulnerable to unauthenticated remote code execution via a login command injection vulnerability. The Nuclei template and Metasploit module describe an unauthenticated path to run arbitrary commands on the OBR server, potentially enabling full system...
CVE-2020-11857
CVE-2020-11857 affects Micro Focus Operations Bridge Reporter up to v10.40, with an authorization bypass (and, per ZDI, a hard-coded shrboadmin password) enabling remote access to the OBR host and, in the cited advisory, remote code execution. Affected versions are 10.40 and earlier; no explicit ...
CVE-2020-11855
CVE-2020-11855 is a local authorization-bypass vulnerability in Micro Focus Operations Bridge Reporter (OBR) and affected OBM/OBR components up to version 10.40 and earlier. The root cause is incorrect permissions/authorization handling, enabling a local attacker on the OBR host to execute code w...
CVE-2020-11856
The CVE covers Micro Focus Operations Bridge Reporter (OBR) vulnerable through its JMX remote interface. Connected sources confirm: affected product is OBR, version 10.40 and earlier, with a root cause described as misconfigured or unauthenticated JMX access that allows remote code execution. The...