CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11844

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.2%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2020-11844

Microfocus » Service Management Automation » Version: 2018.05

cpe:2.3:a:microfocus:service_management_automation:2018.05
Microfocus » Service Management Automation » Version: 2018.08

cpe:2.3:a:microfocus:service_management_automation:2018.08
Microfocus » Service Management Automation » Version: 2018.11

cpe:2.3:a:microfocus:service_management_automation:2018.11
Microfocus » Service Management Automation » Version: 2019.02

cpe:2.3:a:microfocus:service_management_automation:2019.02
Microfocus » Service Management Automation » Version: 2019.05

cpe:2.3:a:microfocus:service_management_automation:2019.05
Microfocus » Service Management Automation » Version: 2019.08

cpe:2.3:a:microfocus:service_management_automation:2019.08
Microfocus » Service Management Automation » Version: 2019.11

cpe:2.3:a:microfocus:service_management_automation:2019.11
Microfocus » Service Management Automation » Version: 2020.02

cpe:2.3:a:microfocus:service_management_automation:2020.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11844

Products

Pricing

Contact Us