CVE-2019-11658

2019-08-2922:23:51

microfocus

www.cve.org

4.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state.

CNA Affected

[
  {
    "product": "Content Manager",
    "vendor": "Micro Focus",
    "versions": [
      {
        "status": "affected",
        "version": "9.1"
      },
      {
        "status": "affected",
        "version": "9.2"
      },
      {
        "status": "affected",
        "version": "9.3"
      }
    ]
  }
]

References

softwaresupport.softwaregrp.com/doc/KM03496282