Vulnerability Details CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.6%
CVSS Severity
CVSS v3 Score 8.0
References
- https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes
- https://portal.microfocus.com/s/article/KM000012517?language=en_US
- https://portal.microfocus.com/s/article/KM000012518?language=en_US
- https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes
- https://portal.microfocus.com/s/article/KM000012517?language=en_US
- https://portal.microfocus.com/s/article/KM000012518?language=en_US
Products affected by CVE-2022-38754
-
cpe:2.3:a:microfocus:operations_bridge:-
-
cpe:2.3:a:microfocus:operations_bridge:2017.11
-
cpe:2.3:a:microfocus:operations_bridge:2018.02
-
cpe:2.3:a:microfocus:operations_bridge:2018.05
-
cpe:2.3:a:microfocus:operations_bridge:2018.08
-
cpe:2.3:a:microfocus:operations_bridge:2018.11
-
cpe:2.3:a:microfocus:operations_bridge:2019.05
-
cpe:2.3:a:microfocus:operations_bridge:2019.08
-
cpe:2.3:a:microfocus:operations_bridge:2020.05
-
cpe:2.3:a:microfocus:operations_bridge:2021.05
-
cpe:2.3:a:microfocus:operations_bridge:2021.08
-
cpe:2.3:a:microfocus:operations_bridge_manager:-
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.10
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.11
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.12
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.60
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.61
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.62
-
cpe:2.3:a:microfocus:operations_bridge_manager:10.63
-
cpe:2.3:a:microfocus:operations_bridge_manager:2017.11
-
cpe:2.3:a:microfocus:operations_bridge_manager:2018.02
-
cpe:2.3:a:microfocus:operations_bridge_manager:2018.05
-
cpe:2.3:a:microfocus:operations_bridge_manager:2018.08
-
cpe:2.3:a:microfocus:operations_bridge_manager:2018.11
-
cpe:2.3:a:microfocus:operations_bridge_manager:2019.05
-
cpe:2.3:a:microfocus:operations_bridge_manager:2019.08
-
cpe:2.3:a:microfocus:operations_bridge_manager:2019.11
-
cpe:2.3:a:microfocus:operations_bridge_manager:2020.05
-
cpe:2.3:a:microfocus:operations_bridge_manager:2020.10