CVE-2018-18590 — Sensitive Information Exposure in Focus Operation Bridge Containerized Suite

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

8.8HIGHNVD

CNA9.6

EPSS

0.2%

top 51.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Micro Focus Operation Bridge Containerized Suite Microfocus Operations Bridge

Timeline

PublishedNov 7

Latest updateMay 13

Description

A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5micro_focus/operation_bridge_containerized_suite2017.11, 2018.02, 2018.05, 2018.08

▶NVDmicrofocus/operations_bridge4 versions+3

🔴Vulnerability Details

GHSA

GHSA-38m3-4jxp-wf6g: A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017↗2022-05-13

▶

CVEList

MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution↗2018-11-07

▶