CVE-2020-9518

{"id": "CVE-2020-9518", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-03-16T14:15:14.727", "references": [{"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792", "source": "security@opentext.com"}, {"url": "https://softwaresupport.softwaregrp.com/doc/KM03607792", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data."}, {"lang": "es", "value": "Una vulnerabilidad del filtro de inicio de sesi\u00f3n que puede acceder los archivos de configuraci\u00f3n en Micro Focus Service Manager (Web Tier), afectando a las versiones 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podr\u00eda ser explotada para permitir acceso no autorizado a los datos de configuraci\u00f3n."}], "lastModified": "2024-11-21T05:40:47.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3F2DA8C-6646-4BBE-B94D-D7B9AE797F97", "versionEndIncluding": "9.62", "versionStartIncluding": "9.50"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}