Lucene search
HistoryOct 28, 2020 - 12:00 a.m.
Micro Focus Operations Bridge Manager diagnostics Use of Hard-coded Credentials Remote Code Execution Vulnerability
2020-10-2800:00:00
Pedro Ribeiro ([email protected] | @pedrib1337) from Agile Information Security
www.zerodayinitiative.com
18
0.233 Low
EPSS
Percentile
96.6%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the product’s authentication mechanism. The product contains a hard-coded password for the diagnostics user account. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2020-10-27 17:15:00
nvd
nvd
CVE-2020-11854
2020-10-27 17:15:12
cve
cve
CVE-2020-11854
2020-10-27 17:15:12
nuclei
nuclei
Micro Focus UCMDB - Remote Code Execution
2021-02-26 12:19:36
packetstorm
packetstorm
Micro Focus UCMDB Remote Code Execution
2021-01-28 00:00:00
zdt
zdt
Micro Focus UCMDB Remote Code Execution Exploit
2021-01-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Micro Focus UCMDB Remote Code Execution (CVE-2020-11854; CVE-2020-11853)
2021-02-15 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-01-29 21:09:49