CVE-2020-9519

{"id": "CVE-2020-9519", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-03-16T13:15:11.447", "references": [{"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789", "source": "security@opentext.com"}, {"url": "https://softwaresupport.softwaregrp.com/doc/KM03607789", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data."}, {"lang": "es", "value": "Una vulnerabilidad de m\u00e9todos HTTP revelados en los servicios Web en el administrador de Micro Focus Service (server), afectando a las versiones 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. La vulnerabilidad podr\u00eda ser explotada para permitir una exposici\u00f3n de datos de configuraci\u00f3n."}], "lastModified": "2024-11-21T05:40:47.640", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CF018AC-5A5A-4E77-A60B-C36D368C68F1", "versionEndIncluding": "9.63", "versionStartIncluding": "9.40"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}