Vulnerability Details CVE-2020-11857
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user
Exploit prediction scoring system (EPSS) score
EPSS Score 0.654
EPSS Ranking 98.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/162407/Micro-Focus-Operations-Bridge-Reporter-shrboadmin-Default-Password.html
- https://softwaresupport.softwaregrp.com/doc/KM03710590
- https://www.zerodayinitiative.com/advisories/ZDI-20-1215/
- http://packetstormsecurity.com/files/162407/Micro-Focus-Operations-Bridge-Reporter-shrboadmin-Default-Password.html
- https://softwaresupport.softwaregrp.com/doc/KM03710590
- https://www.zerodayinitiative.com/advisories/ZDI-20-1215/
Products affected by CVE-2020-11857
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.00
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.01
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.02
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.10
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.20
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.21
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.22
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.30
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.31
-
cpe:2.3:a:microfocus:operation_bridge_reporter:10.40