cbcvebase.
CVE-2020-11858
published 2020-10-27

CVE-2020-11858: Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility…

PriorityP350high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
2.69%
84.0th percentile
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.

Affected

40 ranges· showing 25
VendorProductVersion rangeFixed in
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_manager
micro_focusoperation_bridge_managerunspecified – 10.10
microfocusoperations_bridge
microfocusoperations_bridge
microfocusoperations_bridge
microfocusoperations_bridge
microfocusoperations_bridge

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.