Micro Focus Operation Bridge Manager代码注入漏洞

admin

0
文章

0
评论

2023-12-01 18:44:35 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

Micro Focus Operation Bridge Manager代码注入漏洞

CVE编号

CVE-2020-11853

利用情况

暂无

补丁情况

N/A

披露时间

2020-10-23

漏洞描述

Micro Focus Operation Bridge Manager是英国Micro Focus公司的一款企业级监控软件。该软件通过HTML5来可视化总结服务运行状况。 Micro Focus Operation Bridge Manager 多版本存在代码注入漏洞。该漏洞可能允许远程攻击者执行任意代码。

解决建议

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：https://softwaresupport.softwaregrp.com/doc/KM03747658

参考链接
http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Exe...
http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Man...
https://softwaresupport.softwaregrp.com/doc/KM03747657
https://softwaresupport.softwaregrp.com/doc/KM03747658
https://softwaresupport.softwaregrp.com/doc/KM03747854
https://softwaresupport.softwaregrp.com/doc/KM03747948
https://softwaresupport.softwaregrp.com/doc/KM03747949
https://softwaresupport.softwaregrp.com/doc/KM03747950
https://softwaresupport.softwaregrp.com/doc/KM03749879

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	hp	universal_cmbd_foundation	10.20	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	10.30	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	10.31	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	10.32	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	10.33	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	11.0	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2018.05	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2018.08	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2018.11	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2019.02	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2019.05	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2019.11	-
	运行在以下环境
	应用	hp	universal_cmbd_foundation	2020.05.	-
	运行在以下环境
	应用	microfocus	application_performance_management	9.40	-
	运行在以下环境
	应用	microfocus	application_performance_management	9.50	-
	运行在以下环境
	应用	microfocus	application_performance_management	9.51	-
	运行在以下环境
	应用	microfocus	data_center_automation	*		Up to (including) 2019.11
	运行在以下环境
	应用	microfocus	hybrid_cloud_management	*	From (including) 2018.05	Up to (including) 2020.05
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2017.11	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2018.02	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2018.05	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2018.08	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2018.11	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2019.05	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2019.08	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2019.11	-
	运行在以下环境
	应用	microfocus	operations_bridge_manager	2020.05	-
	运行在以下环境
	应用	microfocus	operation_bridge_manager	*		Up to (including) 10.10
	运行在以下环境
	应用	microfocus	operation_bridge_manager	10.11	-
	运行在以下环境
	应用	microfocus	operation_bridge_manager	10.12	-
	运行在以下环境
	应用	microfocus	operation_bridge_manager	10.60	-
	运行在以下环境
应用	microfocus	operation_bridge_manager	10.61	-
运行在以下环境
应用	microfocus	operation_bridge_manager	10.62	-
运行在以下环境
应用	microfocus	operation_bridge_manager	10.63	-
运行在以下环境
应用	microfocus	service_manager_automation	2020.02	-
运行在以下环境
应用	microfocus	service_manager_automation	2020.05	-