Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

Low

Attack Vector

Network

0

CVE-2020-11853

Disclosure Date: October 22, 2020 •

CVE-2020-11853 CVSS v3 Base Score: 8.8

Description

Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

8.8 High

Impact Score:

5.9

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

OS

Unknown

Vulnerable Versions

Operation Bridge Manager 2020.5

Operation Bridge Manager 2019.11

Operation Bridge Manager 2019.05

Operation Bridge Manager 2018.11

Operation Bridge Manager 2018.05

Operation Bridge Manager 10.63

Application Performance Management 9.51

Application Performance Management 9.50

Application Performance Management 9.40

Data Center Automation 2019.11

Operations Bridge (containerized) 2019.11

Operations Bridge (containerized) 2019.08

Operations Bridge (containerized) 2019.05

Operations Bridge (containerized) 2018.11

Operations Bridge (containerized) 2018.08

Operations Bridge (containerized) 2018.05

Operations Bridge (containerized) 2018.02

Operations Bridge (containerized) 2017.11

Universal CMDB 2020.05

Universal CMDB 2019.11

Universal CMDB 2019.05

Universal CMDB 2019.02

Universal CMDB 2018.11

Universal CMDB 2018.08

Universal CMDB 2018.05

Universal CMDB 11.0

Universal CMDB 10.33

Universal CMDB 10.32

Universal CMDB 10.31

Universal CMDB 10.30

Hybrid Cloud Management 2020.05

Service Management Automation 2020.05

Service Management Automation 2020.02

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

hp,
microfocus

Products

application performance management 9.40,
application performance management 9.50,
application performance management 9.51,
data center automation,
hybrid cloud management,
operation bridge manager,
operation bridge manager 10.11,
operation bridge manager 10.12,
operation bridge manager 10.60,
operation bridge manager 10.61,
operation bridge manager 10.62,
operation bridge manager 10.63,
operations bridge manager 2017.11,
operations bridge manager 2018.02,
operations bridge manager 2018.05,
operations bridge manager 2018.08,
operations bridge manager 2018.11,
operations bridge manager 2019.05,
operations bridge manager 2019.08,
operations bridge manager 2019.11,
operations bridge manager 2020.05,
service manager automation 2020.02,
service manager automation 2020.05,
universal cmbd foundation 10.20,
universal cmbd foundation 10.30,
universal cmbd foundation 10.31,
universal cmbd foundation 10.32,
universal cmbd foundation 10.33,
universal cmbd foundation 11.0,
universal cmbd foundation 2018.05,
universal cmbd foundation 2018.08,
universal cmbd foundation 2018.11,
universal cmbd foundation 2019.02,
universal cmbd foundation 2019.05,
universal cmbd foundation 2019.11,
universal cmbd foundation 2020.05.

Metasploit Modules

exploit/multi/http/microfocus_ucmdb_unauth_deser (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/microfocus_ucmdb_unauth_deser.rb)

exploit/multi/http/microfocus_obm_auth_rce (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/microfocus_obm_auth_rce.rb)

References

Canonical

CVE-2020-11853 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11853)

Miscellaneous

https://softwaresupport.softwaregrp.com/doc/KM03747658

https://www.zerodayinitiative.com/advisories/ZDI-20-1301/

https://www.zerodayinitiative.com/advisories/ZDI-20-1303/

https://www.zerodayinitiative.com/advisories/ZDI-20-1305/

https://www.zerodayinitiative.com/advisories/ZDI-20-1293/

https://www.zerodayinitiative.com/advisories/ZDI-20-1328/

https://www.zerodayinitiative.com/advisories/ZDI-20-1318/

https://www.zerodayinitiative.com/advisories/ZDI-20-1316/

https://www.zerodayinitiative.com/advisories/ZDI-20-1306/

https://www.zerodayinitiative.com/advisories/ZDI-20-1300/

https://www.zerodayinitiative.com/advisories/ZDI-20-1312/

https://www.zerodayinitiative.com/advisories/ZDI-20-1298/

https://www.zerodayinitiative.com/advisories/ZDI-20-1289/

https://www.zerodayinitiative.com/advisories/ZDI-20-1323/

https://www.zerodayinitiative.com/advisories/ZDI-20-1324/

https://www.zerodayinitiative.com/advisories/ZDI-20-1321/

https://www.zerodayinitiative.com/advisories/ZDI-20-1299/

https://www.zerodayinitiative.com/advisories/ZDI-20-1313/

https://www.zerodayinitiative.com/advisories/ZDI-20-1292/

https://www.zerodayinitiative.com/advisories/ZDI-20-1315/

https://www.zerodayinitiative.com/advisories/ZDI-20-1296/

https://www.zerodayinitiative.com/advisories/ZDI-20-1320/

https://www.zerodayinitiative.com/advisories/ZDI-20-1309/

https://www.zerodayinitiative.com/advisories/ZDI-20-1295/

https://www.zerodayinitiative.com/advisories/ZDI-20-1288/

https://www.zerodayinitiative.com/advisories/ZDI-20-1290/

https://www.zerodayinitiative.com/advisories/ZDI-20-1308/

https://www.zerodayinitiative.com/advisories/ZDI-20-1311/

https://www.zerodayinitiative.com/advisories/ZDI-20-1297/

https://www.zerodayinitiative.com/advisories/ZDI-20-1319/

https://www.zerodayinitiative.com/advisories/ZDI-20-1304/

https://www.zerodayinitiative.com/advisories/ZDI-20-1325/

https://www.zerodayinitiative.com/advisories/ZDI-20-1310/

https://www.zerodayinitiative.com/advisories/ZDI-20-1302/

https://www.zerodayinitiative.com/advisories/ZDI-20-1327/

https://www.zerodayinitiative.com/advisories/ZDI-20-1322/

https://www.zerodayinitiative.com/advisories/ZDI-20-1314/

https://www.zerodayinitiative.com/advisories/ZDI-20-1317/

https://www.zerodayinitiative.com/advisories/ZDI-20-1307/

https://www.zerodayinitiative.com/advisories/ZDI-20-1291/

https://www.zerodayinitiative.com/advisories/ZDI-20-1294/

https://softwaresupport.softwaregrp.com/doc/KM03747657

https://softwaresupport.softwaregrp.com/doc/KM03747854

https://softwaresupport.softwaregrp.com/doc/KM03749879

https://softwaresupport.softwaregrp.com/doc/KM03747949

https://softwaresupport.softwaregrp.com/doc/KM03747948

https://softwaresupport.softwaregrp.com/doc/KM03747950

http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html

http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html

Rapid7

Technical Analysis