CVE-2020-11855

Published: Sep 22, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges.

Affected (1)

Products: Microfocus: Operation Bridge Reporter

Microfocus

1 product

Operation Bridge Reporter

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microfocus Operation Bridge Reporter	Up to 10.40

Related CWEs

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (4)

https://softwaresupport.softwaregrp.com/doc/KM03710590

Source: security@opentext.com

https://www.zerodayinitiative.com/advisories/ZDI-20-1217/

Source: security@opentext.com

https://softwaresupport.softwaregrp.com/doc/KM03710590

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.zerodayinitiative.com/advisories/ZDI-20-1217/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.