CVE-2020-11844

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2019.02:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2019.05:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2019.08:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2019.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:service_management_automation:2020.02:*:*:*:*:*:*:*

History

21 Nov 2024, 04:58

Type Values Removed Values Added
CVSS v2 : 7.5
v3 : 9.8
v2 : 7.5
v3 : 10.0
References () https://softwaresupport.softwaregrp.com/doc/KM03645628 - () https://softwaresupport.softwaregrp.com/doc/KM03645628 -
References () https://softwaresupport.softwaregrp.com/doc/KM03645629 - () https://softwaresupport.softwaregrp.com/doc/KM03645629 -
References () https://softwaresupport.softwaregrp.com/doc/KM03645630 - () https://softwaresupport.softwaregrp.com/doc/KM03645630 -
References () https://softwaresupport.softwaregrp.com/doc/KM03645631 - () https://softwaresupport.softwaregrp.com/doc/KM03645631 -
References () https://softwaresupport.softwaregrp.com/doc/KM03645636 - () https://softwaresupport.softwaregrp.com/doc/KM03645636 -
References () https://softwaresupport.softwaregrp.com/doc/KM03645642 - () https://softwaresupport.softwaregrp.com/doc/KM03645642 -
References () https://support.microfocus.com/kb/doc.php?id=7024637 - () https://support.microfocus.com/kb/doc.php?id=7024637 -

07 Nov 2023, 03:15

Type Values Removed Values Added
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645628 - () https://softwaresupport.softwaregrp.com/doc/KM03645628 -
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645642 - () https://softwaresupport.softwaregrp.com/doc/KM03645642 -
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645630 - () https://softwaresupport.softwaregrp.com/doc/KM03645630 -
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645636 - () https://softwaresupport.softwaregrp.com/doc/KM03645636 -
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645629 - () https://softwaresupport.softwaregrp.com/doc/KM03645629 -
References (CONFIRM) https://softwaresupport.softwaregrp.com/doc/KM03645631 - Vendor Advisory () https://softwaresupport.softwaregrp.com/doc/KM03645631 -
References (CONFIRM) https://support.microfocus.com/kb/doc.php?id=7024637 - () https://support.microfocus.com/kb/doc.php?id=7024637 -

Information

Published : 2020-05-29 22:15

Updated : 2024-11-21 04:58


NVD link : CVE-2020-11844

Mitre link : CVE-2020-11844

CVE.ORG link : CVE-2020-11844


JSON object : View

Products Affected

microfocus

  • service_management_automation
CWE
CWE-863

Incorrect Authorization